The California Office of the Attorney General reported a data breach involving International Paper Company on November 20, 2023. The breach occurred on May 30, 2023, when an unknown actor accessed the MOVEit Transfer server and potentially exfiltrated personal information of individuals associated with the company's health and welfare plan. The breach involved the potential leak of sensitive personal information, which could have significant consequences for the affected individuals.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-576801
TPRM report: https://www.rankiteo.com/company/international-paper
"id": "int953072525",
"linkid": "international-paper",
"type": "Breach",
"date": "5/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Paper and Pulp',
'name': 'International Paper Company',
'type': 'Corporation'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'data_exfiltration': 'Potential',
'type_of_data_compromised': 'Personal Information'},
'date_detected': '2023-11-20',
'date_publicly_disclosed': '2023-11-20',
'description': 'The California Office of the Attorney General reported a data '
'breach involving International Paper Company on November 20, '
'2023. The breach occurred on May 30, 2023, when an unknown '
'actor accessed the MOVEit Transfer server and potentially '
'exfiltrated personal information of individuals associated '
"with the company's health and welfare plan.",
'impact': {'data_compromised': 'Personal Information',
'systems_affected': 'MOVEit Transfer server'},
'initial_access_broker': {'entry_point': 'MOVEit Transfer server'},
'motivation': 'Data Exfiltration',
'references': [{'date_accessed': '2023-11-20',
'source': 'California Office of the Attorney General'}],
'threat_actor': 'Unknown',
'title': 'Data Breach at International Paper Company',
'type': 'Data Breach',
'vulnerability_exploited': 'MOVEit Transfer server'}