In August 2017, the California Office of the Attorney General disclosed a data breach affecting CoreLogic Credco, a consumer credit reporting agency. The incident occurred between July 21 and August 7, 2017, when unauthorized actors gained access to a system containing sensitive consumer data. The compromised information included names, addresses, Social Security Numbers (SSNs), and other personally identifiable details, though the exact number of affected individuals remains undisclosed. The breach exposed highly sensitive personal data, raising significant concerns about identity theft, financial fraud, and long-term reputational damage for both the company and the impacted consumers. While the attack did not involve ransomware or a direct financial demand, the unauthorized access to SSNs and personal records represents a severe violation of data security, potentially enabling fraudulent activities such as loan applications, tax fraud, or phishing scams targeting the victims. The incident underscores vulnerabilities in CoreLogic Credco’s data protection measures, particularly in safeguarding consumer credit information a critical asset for financial institutions and individuals alike. The lack of clarity on the breach’s full scope further complicates risk assessment for affected parties, leaving them exposed to prolonged threats without definitive remediation steps.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-101467
TPRM report: https://www.rankiteo.com/company/corelogic-credco
"id": "cor943091725",
"linkid": "corelogic-credco",
"type": "Breach",
"date": "7/2017",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Unknown',
'industry': 'Consumer Credit Reporting / Real Estate '
'Data',
'location': 'California, USA',
'name': 'CoreLogic Credco',
'type': 'Company'}],
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': 'Unknown',
'personally_identifiable_information': ['names',
'addresses',
'Social Security '
'Numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)']},
'date_detected': '2017-08-07',
'date_publicly_disclosed': '2017-08-29',
'description': 'The California Office of the Attorney General reported a data '
'breach involving CoreLogic Credco. The breach occurred '
'between July 21, 2017, and August 7, 2017, involving '
'unauthorized access to consumer information, including names, '
'addresses, Social Security Numbers, and other personal '
'details. The number of affected individuals is currently '
'unknown.',
'impact': {'data_compromised': ['names',
'addresses',
'Social Security Numbers',
'other personal details'],
'identity_theft_risk': 'High (PII exposed)'},
'references': [{'date_accessed': '2017-08-29',
'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': 'California Office of '
'the Attorney General'},
'response': {'law_enforcement_notified': 'Yes (California Office of the '
'Attorney General)'},
'title': 'CoreLogic Credco Data Breach (2017)',
'type': 'Data Breach'}