Breach cyber

Drug Free Workplaces USA

Jan 12, 2026 1 min read
Drug Free Workplaces USA

The Vermont Office of the Attorney General disclosed a data breach affecting Drug Free Workplaces USA, where unauthorized actors gained access to two employee email accounts between March 29, 2023, and May 4, 2023. The incident exposed sensitive information, specifically the full names of four Rhode Island residents. While the breach was limited in scope impacting only a small number of individuals it involved internal employee accounts, raising concerns about potential further exposure of confidential or proprietary data. The breach was formally reported on October 26, 2023, indicating a delayed public disclosure. The compromised email accounts could have contained additional personal or corporate information, though the report did not specify whether financial, medical, or other high-risk data was accessed. The incident highlights vulnerabilities in email security protocols and the risks associated with third-party access to employee credentials.

Source: https://ago.vermont.gov/document/2023-10-26-drug-free-workplaces-usa-data-breach-notice-consumers

TPRM report: https://www.rankiteo.com/company/drugfreeworkplacesusa

"id": "dru027091825",
"linkid": "drugfreeworkplacesusa",
"type": "Breach",
"date": "3/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': '4 (Rhode Island residents)',
                        'name': 'Drug Free Workplaces USA',
                        'type': 'Organization'}],
 'attack_vector': 'Unauthorized Access (Email Compromise)',
 'data_breach': {'number_of_records_exposed': '4',
                 'personally_identifiable_information': ['Full Names'],
                 'sensitivity_of_data': 'Moderate (Full Names)',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)']},
 'date_publicly_disclosed': '2023-10-26',
 'description': 'The Vermont Office of the Attorney General reported that Drug '
                'Free Workplaces USA experienced a data breach involving '
                'unauthorized access to two employee email accounts from '
                'approximately March 29, 2023, to May 4, 2023. The breach '
                'potentially affected four Rhode Island residents and involved '
                'their full names.',
 'impact': {'data_compromised': ['Full Names'],
            'identity_theft_risk': 'Potential (Full Names Exposed)',
            'systems_affected': ['Two Employee Email Accounts']},
 'initial_access_broker': {'reconnaissance_period': '2023-03-29 to 2023-05-04'},
 'references': [{'date_accessed': '2023-10-26',
                 'source': 'Vermont Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['Vermont Office of the '
                                                        'Attorney General']},
 'title': 'Data Breach at Drug Free Workplaces USA Involving Unauthorized '
          'Email Access',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.