**Donaghy Sales Reports Data Breach Impacting Sensitive Personal Information**
Donaghy Sales, a corporate entity, disclosed a data breach to the California Attorney General after detecting unusual activity in a corporate email account on or around July 22, 2025. An investigation revealed that an unauthorized third party accessed and potentially acquired sensitive personal information between July 22 and July 23, 2025.
While the company has not publicly specified the exact types of data compromised as of December 16, 2025, California state guidelines define "personal information" broadly, including:
- Names
- Social Security numbers
- Government-issued IDs (e.g., driver’s licenses, passports)
- Financial account details (e.g., credit/debit card numbers with security codes)
- Medical and health insurance information
- Biometric data (e.g., fingerprints, retina scans)
- Genetic data
On December 12, 2025, Donaghy Sales began mailing breach notification letters to affected individuals, detailing the exposed data types and offering complimentary credit monitoring services. The incident underscores the risks of email-based breaches and the potential exposure of highly sensitive personal records.
Source: https://straussborrelli.com/2025/12/16/donaghy-sales-data-breach-investigation/
Donaghy Sales TPRM report: https://www.rankiteo.com/company/donaghy-sales-inc
"id": "don1765900724",
"linkid": "donaghy-sales-inc",
"type": "Breach",
"date": "7/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Impacted individuals (number '
'not specified)',
'location': 'California, USA',
'name': 'Donaghy Sales',
'type': 'Corporation'}],
'attack_vector': 'Email Account Compromise',
'customer_advisories': 'Data breach notification letters sent to impacted '
'individuals',
'data_breach': {'data_exfiltration': 'Potential',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Name',
'Social Security number',
'Driver’s license number',
'California identification card '
'number',
'Tax identification number',
'Passport number',
'Military identification number',
'Other unique identification '
'number issued on a government '
'document',
'Account number or credit or '
'debit card number (with '
'security code/access '
'code/password)',
'Medical information',
'Health insurance information',
'Unique biometric data '
'(fingerprint, retina, or iris '
'image)',
'Automated license plate '
'recognition system data',
'Genetic data']},
'date_detected': '2025-07-22',
'date_publicly_disclosed': '2025-12-12',
'description': 'Donaghy Sales experienced a data breach where sensitive '
'personal identifiable information in its care may have been '
'compromised. Unusual activity was detected within a single '
'corporate email account, leading to an investigation that '
'confirmed unauthorized access and acquisition of sensitive '
'personal information.',
'impact': {'data_compromised': 'Sensitive personal identifiable information',
'identity_theft_risk': 'High',
'payment_information_risk': 'Potential',
'systems_affected': 'Corporate email account'},
'initial_access_broker': {'entry_point': 'Corporate email account'},
'investigation_status': 'Completed (initial investigation)',
'recommendations': 'Providing complimentary credit monitoring services to '
'affected individuals',
'references': [{'source': 'Attorney General of California Breach '
'Notification'}],
'regulatory_compliance': {'regulations_violated': 'California Data Breach '
'Notification Laws',
'regulatory_notifications': 'Filed with the '
'Attorney General of '
'California'},
'response': {'communication_strategy': 'Data breach notification letters '
'mailed to impacted individuals'},
'threat_actor': 'Unauthorized Third Party',
'title': 'Donaghy Sales Data Breach',
'type': 'Data Breach'}