Roots & Harvest Direct LLC

On July 14, 2023, the Maine Office of the Attorney General reported a data breach involving Roots & Harvest Direct LLC. The breach occurred due to unauthorized access to its third-party e-commerce platform, CommerceV3, between November 24, 2021, and December 14, 2022. The incident potentially involved the payment card information of approximately 4,073 individuals, including 26 residents from Maine.

Source: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/7bddfc03-5649-43ea-a67f-a760bdd62644.shtml

TPRM report: https://www.rankiteo.com/company/lemproducts

"id": "lem913072625",
"linkid": "lemproducts",
"type": "Breach",
"date": "11/2021",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"

{'affected_entities': [{'customers_affected': 4073,
                        'industry': 'Retail',
                        'name': 'Roots & Harvest Direct LLC',
                        'type': 'Company'}],
 'attack_vector': 'Unauthorized Access',
 'data_breach': {'number_of_records_exposed': 4073,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Payment Card Information'},
 'date_detected': '2023-07-14',
 'date_publicly_disclosed': '2023-07-14',
 'description': 'Unauthorized access to the third-party e-commerce platform, '
                'CommerceV3, potentially compromising payment card information '
                'of approximately 4,073 individuals.',
 'impact': {'data_compromised': 'Payment Card Information',
            'payment_information_risk': 'High',
            'systems_affected': 'CommerceV3 e-commerce platform'},
 'references': [{'date_accessed': '2023-07-14',
                 'source': 'Maine Office of the Attorney General'}],
 'title': 'Data Breach at Roots & Harvest Direct LLC',
 'type': 'Data Breach'}