Credit Suisse AG suffered a breach after a former IT employee with authorized access to the data accessed and wrongly moved the data outside of Credit Suisse’s systems.
The types of information acquired by the employee included individuals’ name or other personal identifier in combination with: “Financial Account Number or Credit/Debit Card Number (in combination with security code, access code, password or PIN for the account)”
TPRM report: https://scoringcyber.rankiteo.com/company/credit-suisse
"id": "cre214125123",
"linkid": "credit-suisse",
"type": "Breach",
"date": "01/2023",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Finance',
'name': 'Credit Suisse AG',
'type': 'Financial Institution'}],
'attack_vector': 'Insider Threat',
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Financial Account Number',
'Credit/Debit Card Number']},
'description': 'Credit Suisse AG suffered a breach after a former IT employee '
'with authorized access to the data accessed and wrongly moved '
'the data outside of Credit Suisse’s systems.',
'impact': {'data_compromised': ['Financial Account Number',
'Credit/Debit Card Number']},
'motivation': 'Unknown',
'threat_actor': 'Former IT Employee',
'title': 'Credit Suisse Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Unauthorized Data Transfer'}