The Vermont Office of the Attorney General reported a data breach involving City Facilities Management (US) LLC on December 28, 2023. The breach occurred on November 30, 2023, as a result of an unauthorized third party exploiting a vulnerability in the MOVEit Transfer application, impacting personal information including names, addresses, and Social Security numbers.
TPRM report: https://www.rankiteo.com/company/cfmus
"id": "cfm622072725",
"linkid": "cfmus",
"type": "Vulnerability",
"date": "11/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'location': 'US',
'name': 'City Facilities Management (US) LLC',
'type': 'Company'}],
'attack_vector': 'Exploitation of Vulnerability',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['names',
'addresses',
'Social Security numbers']},
'date_detected': '2023-11-30',
'date_publicly_disclosed': '2023-12-28',
'description': 'The Vermont Office of the Attorney General reported a data '
'breach involving City Facilities Management (US) LLC on '
'December 28, 2023. The breach occurred on November 30, 2023, '
'as a result of an unauthorized third party exploiting a '
'vulnerability in the MOVEit Transfer application, impacting '
'personal information including names, addresses, and Social '
'Security numbers.',
'impact': {'data_compromised': ['names',
'addresses',
'Social Security numbers']},
'references': [{'date_accessed': '2023-12-28',
'source': 'Vermont Office of the Attorney General'}],
'threat_actor': 'Unauthorized third party',
'title': 'Data Breach at City Facilities Management (US) LLC',
'type': 'Data Breach',
'vulnerability_exploited': 'MOVEit Transfer application vulnerability'}