Ipsen, Inc.

The Maine Office of the Attorney General disclosed a data breach affecting Ipsen, Inc. in August 2021. The incident occurred between March 18 and March 27, 2021, when unauthorized actors gained access to the company’s network. The breach exposed personal information of 1,531 individuals, including Social Security numbers (SSNs), a highly sensitive data type often targeted for identity theft and financial fraud. The breach was detected on July 22, 2021, nearly four months after the initial compromise, raising concerns about the duration of undetected access. In response, Ipsen offered 24 months of credit monitoring and identity theft protection services to affected individuals, acknowledging the severe risk of misuse of the exposed data. The exposure of SSNs significantly elevates the potential for long-term harm, as such information can be exploited for fraudulent loans, tax filings, or other malicious activities. The delay in detection further compounds the risk, as attackers may have had prolonged access to sensitive systems. While the breach did not explicitly mention ransomware or a broader systemic failure, the unauthorized network access and theft of personally identifiable information (PII) align with patterns seen in targeted cyber intrusions, often driven by financial or espionage motives.

Source: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/e71b3a8f-62a1-4e97-b803-19ab887f51b4.shtml

TPRM report: https://www.rankiteo.com/company/ipsen

"id": "ips011091825",
"linkid": "ipsen",
"type": "Breach",
"date": "3/2021",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 1531,
                        'industry': 'Pharmaceuticals/Biotechnology',
                        'name': 'Ipsen, Inc.',
                        'type': 'Corporation'}],
 'customer_advisories': 'Identity theft protection services (24 months of '
                        'credit monitoring) offered to affected individuals',
 'data_breach': {'number_of_records_exposed': 1531,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Social Security numbers']},
 'date_detected': '2021-07-22',
 'date_publicly_disclosed': '2021-08-09',
 'description': 'The Maine Office of the Attorney General reported a data '
                'breach involving Ipsen, Inc. The breach occurred between '
                'March 18, 2021, and March 27, 2021, involving unauthorized '
                'access to its network. Personal information of 1,531 '
                'individuals, including Social Security numbers, was '
                'potentially exposed. Identity theft protection services, '
                'including 24 months of credit monitoring, were offered to '
                'affected individuals.',
 'impact': {'data_compromised': ['Social Security numbers'],
            'identity_theft_risk': 'High (SSNs exposed)'},
 'references': [{'source': 'Maine Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['Maine Office of the '
                                                        'Attorney General']},
 'response': {'communication_strategy': 'Offered identity theft protection '
                                        'services (24 months of credit '
                                        'monitoring)'},
 'title': 'Ipsen, Inc. Data Breach (2021)',
 'type': 'Data Breach'}