CSX Transportation, Inc.

The Maine Office of the Attorney General reported that CSX Transportation, Inc. experienced a data breach involving a vulnerability in Accellion's File Transfer Appliance software on December 25, 2020. The breach affected 12,867 individuals, potentially exposing their names and Social Security numbers. Notification letters were mailed starting March 16, 2021.

Source: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/71cea8ff-e533-4a4b-a53f-cef90233f023.shtml

TPRM report: https://www.rankiteo.com/company/csx-transportation

"id": "csx201072525",
"linkid": "csx-transportation",
"type": "Vulnerability",
"date": "12/2020",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'customers_affected': 12867,
                        'industry': 'Transportation',
                        'name': 'CSX Transportation, Inc.',
                        'type': 'Company'}],
 'attack_vector': 'Vulnerability Exploitation',
 'data_breach': {'number_of_records_exposed': 12867,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Names',
                                              'Social Security numbers']},
 'date_detected': '2020-12-25',
 'date_publicly_disclosed': '2021-03-16',
 'description': 'CSX Transportation, Inc. experienced a data breach involving '
                "a vulnerability in Accellion's File Transfer Appliance "
                'software.',
 'impact': {'data_compromised': ['Names', 'Social Security numbers']},
 'references': [{'source': 'Maine Office of the Attorney General'}],
 'title': 'CSX Transportation Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': "Accellion's File Transfer Appliance software"}