The Maine Attorney General's Office reported on January 20, 2023, that Credit Suisse AG experienced a data breach due to insider wrongdoing involving a former IT employee who improperly accessed and moved sensitive data outside the company's systems. The breach, discovered on December 21, 2022, affected a total of 9 individuals, all of whom are residents of Maine, and involved compromised financial account numbers. Identity theft protection services were offered for 24 months through Experian.
TPRM report: https://www.rankiteo.com/company/credit-suisse
"id": "cre441072925",
"linkid": "credit-suisse",
"type": "Breach",
"date": "1/2016",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': 9,
'industry': 'Finance',
'location': 'Global',
'name': 'Credit Suisse AG',
'type': 'Financial Institution'}],
'attack_vector': 'Insider Threat',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': 9,
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Financial Account Numbers'},
'date_detected': '2022-12-21',
'date_publicly_disclosed': '2023-01-20',
'description': 'A data breach at Credit Suisse AG due to insider wrongdoing '
'involving a former IT employee who improperly accessed and '
"moved sensitive data outside the company's systems.",
'impact': {'data_compromised': 'Financial Account Numbers',
'identity_theft_risk': 'High',
'payment_information_risk': 'High'},
'motivation': 'Unknown',
'references': [{'date_accessed': '2023-01-20',
'source': "Maine Attorney General's Office"}],
'response': {'third_party_assistance': 'Experian'},
'threat_actor': 'Former IT Employee',
'title': 'Credit Suisse AG Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Improper Access Controls'}