A security flaw on the Florida Department of Revenue website exposed the personal information of hundreds of taxpayers of the Florida region.
The breach exposed information like Social Security numbers and bank account numbers and also included the users’ income, filing status, refund amounts, and dependents’ college scholarship amounts.
The flaw allowed anyone else who was logged in to the state’s business tax registration website, to access, modify and delete the personal data of business owners, however, it was soon fixed.
Source: https://www.databreaches.net/florida-state-tax-website-bug-exposed-filers-data/
TPRM report: https://scoringcyber.rankiteo.com/company/fl-department-of-revenue
"id": "fld233131222",
"linkid": "fl-department-of-revenue",
"type": "Breach",
"date": "12/2022",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"
{'affected_entities': [{'customers_affected': 'Hundreds of taxpayers',
'industry': 'Public Administration',
'location': 'Florida',
'name': 'Florida Department of Revenue',
'type': 'Government Agency'}],
'attack_vector': 'Website Vulnerability',
'data_breach': {'personally_identifiable_information': ['Social Security '
'numbers',
'income',
'filing status',
'refund amounts',
'dependents’ college '
'scholarship amounts'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Social Security numbers',
'bank account numbers',
'income',
'filing status',
'refund amounts',
'dependents’ college scholarship '
'amounts']},
'description': 'A security flaw on the Florida Department of Revenue website '
'exposed the personal information of hundreds of taxpayers of '
'the Florida region. The breach exposed information like '
'Social Security numbers and bank account numbers and also '
'included the users’ income, filing status, refund amounts, '
'and dependents’ college scholarship amounts. The flaw allowed '
'anyone else who was logged in to the state’s business tax '
'registration website, to access, modify and delete the '
'personal data of business owners, however, it was soon fixed.',
'impact': {'data_compromised': ['Social Security numbers',
'bank account numbers',
'income',
'filing status',
'refund amounts',
'dependents’ college scholarship amounts'],
'systems_affected': 'Florida Department of Revenue website'},
'initial_access_broker': {'entry_point': 'Website vulnerability'},
'response': {'remediation_measures': 'The flaw was soon fixed'},
'title': 'Florida Department of Revenue Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Security flaw on the website'}