The Vermont Office of the Attorney General reported that Harvey Construction Corporation experienced a data breach potentially affecting personal information on March 4, 2024. The breach was initiated due to a MOVEit software vulnerability, resulting in unauthorized access to files downloaded on May 31, 2023, which may have included names and Social Security numbers of current and former employees.
TPRM report: https://www.rankiteo.com/company/harvey-construction
"id": "har302072525",
"linkid": "harvey-construction",
"type": "Vulnerability",
"date": "5/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Construction',
'name': 'Harvey Construction Corporation',
'type': 'Corporation'}],
'attack_vector': 'Software Vulnerability',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Social Security numbers']},
'date_detected': '2024-03-04',
'description': 'The Vermont Office of the Attorney General reported that '
'Harvey Construction Corporation experienced a data breach '
'potentially affecting personal information on March 4, 2024. '
'The breach was initiated due to a MOVEit software '
'vulnerability, resulting in unauthorized access to files '
'downloaded on May 31, 2023, which may have included names and '
'Social Security numbers of current and former employees.',
'impact': {'data_compromised': ['Names', 'Social Security numbers']},
'references': [{'date_accessed': '2024-03-04',
'source': 'Vermont Office of the Attorney General'}],
'title': 'Harvey Construction Corporation Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'MOVEit software vulnerability'}