On December 3, 2021, the California Office of the Attorney General reported a data breach involving Keolis Transit America (KTA). The breach occurred around May 23, 2021, when a thumb drive containing personal information of employees was found by unauthorized individuals. The compromised data included names, addresses, dates of birth, Social Security numbers, financial account details, and limited medical information.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-548188
TPRM report: https://www.rankiteo.com/company/keolisnorthamerica
"id": "keo618072825",
"linkid": "keolisnorthamerica",
"type": "Breach",
"date": "1/2021",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Transportation',
'name': 'Keolis Transit America',
'type': 'Company'}],
'attack_vector': 'Physical Theft',
'data_breach': {'personally_identifiable_information': ['Names',
'Addresses',
'Dates of Birth',
'Social Security '
'Numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Information',
'Financial Information',
'Medical Information']},
'date_detected': '2021-05-23',
'date_publicly_disclosed': '2021-12-03',
'description': 'A data breach involving Keolis Transit America (KTA) where a '
'thumb drive containing personal information of employees was '
'found by unauthorized individuals.',
'impact': {'data_compromised': ['Names',
'Addresses',
'Dates of Birth',
'Social Security Numbers',
'Financial Account Details',
'Limited Medical Information']},
'references': [{'date_accessed': '2021-12-03',
'source': 'California Office of the Attorney General'}],
'title': 'Keolis Transit America Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Loss of Physical Media'}