The Vermont Office of the Attorney General reported a data breach notification from The Day & Zimmermann Group on October 2, 2023. The incident involved an inadvertent exposure of employee information due to a vendor's modification in the SuccessFactors Human Resources system on September 8, 2023, potentially affecting data such as home addresses and bank account information for an unspecified number of employees.
Source: https://ago.vermont.gov/document/2023-10-02-day-zimmermann-group-data-breach-notice-consumers
TPRM report: https://www.rankiteo.com/company/day-&-zimmermann
"id": "day552072625",
"linkid": "day-&-zimmermann",
"type": "Breach",
"date": "9/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'name': 'The Day & Zimmermann Group',
'type': 'Company'}],
'attack_vector': 'Inadvertent Exposure',
'data_breach': {'type_of_data_compromised': ['Home Addresses',
'Bank Account Information']},
'date_detected': '2023-09-08',
'date_publicly_disclosed': '2023-10-02',
'description': 'The Vermont Office of the Attorney General reported a data '
'breach notification from The Day & Zimmermann Group on '
'October 2, 2023. The incident involved an inadvertent '
"exposure of employee information due to a vendor's "
'modification in the SuccessFactors Human Resources system on '
'September 8, 2023, potentially affecting data such as home '
'addresses and bank account information for an unspecified '
'number of employees.',
'impact': {'data_compromised': ['Home Addresses', 'Bank Account Information'],
'systems_affected': ['SuccessFactors Human Resources System']},
'references': [{'date_accessed': '2023-10-02',
'source': 'Vermont Office of the Attorney General'}],
'title': 'Data Breach at The Day & Zimmermann Group',
'type': 'Data Breach',
'vulnerability_exploited': 'Vendor Modification in HR System'}