Enstar (US) Inc.

May 29, 2023 — 1 min read

The California Office of the Attorney General reported a data breach involving Enstar (US) Inc. on November 20, 2023. The breach occurred between May 29, 2023, and May 31, 2023, due to exploitation of a zero-day vulnerability in the MOVEit Transfer tool, potentially impacting 103 Rhode Island residents.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-576823

TPRM report: https://www.rankiteo.com/company/enstar-group-ltd

"id": "ens054072825",
"linkid": "enstar-group-ltd",
"type": "Vulnerability",
"date": "5/2023",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"

{'affected_entities': [{'customers_affected': 103,
                        'location': 'Rhode Island',
                        'name': 'Enstar (US) Inc.',
                        'type': 'Company'}],
 'attack_vector': 'Exploitation of Zero-Day Vulnerability',
 'data_breach': {'number_of_records_exposed': 103},
 'date_detected': '2023-11-20',
 'date_publicly_disclosed': '2023-11-20',
 'description': 'The California Office of the Attorney General reported a data '
                'breach involving Enstar (US) Inc. on November 20, 2023. The '
                'breach occurred between May 29, 2023, and May 31, 2023, due '
                'to exploitation of a zero-day vulnerability in the MOVEit '
                'Transfer tool, potentially impacting 103 Rhode Island '
                'residents.',
 'references': [{'date_accessed': '2023-11-20',
                 'source': 'California Office of the Attorney General'}],
 'title': 'Data Breach at Enstar (US) Inc.',
 'type': 'Data Breach',
 'vulnerability_exploited': 'MOVEit Transfer tool'}

Published by

Jeremy C

Enstar (US) Inc.

Aquasecurity: CISA Adds Aquasecurity Trivy Scanner Vulnerability to KEV Catalog

IDrive: IDrive for Windows Vulnerability Allows Privilege Escalation Attacks

Synology: Synology DiskStation Manager Vulnerability Puts Users at Risk of Remote Command Execution Attacks