The Vermont Office of the Attorney General reported on September 30, 2024, that Griffon Corporation experienced a data breach involving unauthorized access to its systems, which potentially exposed personal information. The unauthorized access began on June 15, 2024, and ended on July 21, 2024. Types of compromised information may include names, addresses, Social Security numbers, and health insurance information; however, the number of affected individuals is unknown.
Source: https://ago.vermont.gov/document/2024-09-30-griffon-corporation-data-breach-notice-consumers
TPRM report: https://www.rankiteo.com/company/griffon-corporation
"id": "gri659072625",
"linkid": "griffon-corporation",
"type": "Breach",
"date": "6/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'name': 'Griffon Corporation', 'type': 'Corporation'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['names',
'addresses',
'Social Security numbers',
'health insurance information']},
'date_detected': '2024-07-21',
'date_publicly_disclosed': '2024-09-30',
'description': "Unauthorized access to Griffon Corporation's systems "
'potentially exposed personal information including names, '
'addresses, Social Security numbers, and health insurance '
'information.',
'impact': {'data_compromised': ['names',
'addresses',
'Social Security numbers',
'health insurance information']},
'references': [{'date_accessed': '2024-09-30',
'source': 'Vermont Office of the Attorney General'}],
'title': 'Griffon Corporation Data Breach',
'type': 'Data Breach'}