Provo Craft & Novelty, Inc.

On October 6, 2017, the Washington Office of the Attorney General reported a data breach involving Provo Craft & Novelty, Inc. The breach occurred between May 27 and July 12, 2017, and affected approximately 773 Washington residents. The breach involved a cyberattack designed to scrape payment card information and personal identifiers from customers during online transactions.

Source: https://www.atg.wa.gov/data-breach-notifications | https://data.wa.gov/resource/sb4j-ca4h.json?id=9743

TPRM report: https://www.rankiteo.com/company/cricut

"id": "cri441072625",
"linkid": "cricut",
"type": "Cyber Attack",
"date": "5/2017",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 773,
                        'industry': 'Retail',
                        'name': 'Provo Craft & Novelty, Inc.',
                        'type': 'Company'}],
 'attack_vector': 'Cyberattack',
 'data_breach': {'number_of_records_exposed': 773,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Payment Card Information',
                                              'Personal Identifiers']},
 'date_detected': '2017-07-12',
 'date_publicly_disclosed': '2017-10-06',
 'description': 'A data breach involving Provo Craft & Novelty, Inc. that '
                'compromised payment card information and personal identifiers '
                'of customers during online transactions.',
 'impact': {'data_compromised': ['Payment Card Information',
                                 'Personal Identifiers']},
 'motivation': 'Financial Gain',
 'references': [{'date_accessed': '2017-10-06',
                 'source': 'Washington Office of the Attorney General'}],
 'title': 'Provo Craft & Novelty Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Web Application Vulnerability'}