The Massachusetts Attorney General's Office reported a data security incident involving Father Bill’s & Mainspring in January 2021. The incident, which occurred on July 31, 2020, involved a phishing attack that compromised an employee's email account, potentially exposing personally identifiable information (PII) including names, social security numbers, dates of birth, driver's licenses, and financial account numbers. The number of affected individuals is currently unknown.
TPRM report: https://www.rankiteo.com/company/father-bill's-&-mainspring
"id": "fat1041080425",
"linkid": "father-bill's-&-mainspring",
"type": "Breach",
"date": "7/2020",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Social Services',
'location': 'Massachusetts',
'name': 'Father Bill’s & Mainspring',
'type': 'Non-profit Organization'}],
'attack_vector': 'Phishing',
'data_breach': {'personally_identifiable_information': ['names',
'social security '
'numbers',
'dates of birth',
"driver's licenses",
'financial account '
'numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['PII']},
'date_detected': '2021-01-01',
'date_publicly_disclosed': '2021-01-01',
'description': "A phishing attack compromised an employee's email account, "
'potentially exposing personally identifiable information '
'(PII) including names, social security numbers, dates of '
"birth, driver's licenses, and financial account numbers.",
'impact': {'data_compromised': ['names',
'social security numbers',
'dates of birth',
"driver's licenses",
'financial account numbers']},
'initial_access_broker': {'entry_point': 'Email'},
'post_incident_analysis': {'root_causes': 'Phishing attack compromising '
'employee email account'},
'references': [{'date_accessed': '2021-01-01',
'source': "Massachusetts Attorney General's Office"}],
'title': 'Data Security Incident at Father Bill’s & Mainspring',
'type': 'Data Breach',
'vulnerability_exploited': 'Human Error'}