cyber Breach

LendUS

May 8, 2022 1 min read
LendUS

The employee email accounts of LendUS were accessed by an unauthorized person at various times between February 2 to March 22, 2021.

The compromised accounts contained the attachment containing the personal information of its employees and customers including names, financial and payment card account information; medical and health insurance information.

LendUS after the complete investigation of the attack notified the impacted individuals and offered free credit monitoring services for those who requested it.

Source: https://www.prnewswire.com/news-releases/lendus-llc-identified-and-addresses-data-security-incident-301477451.html

TPRM report: https://scoringcyber.rankiteo.com/company/lendusfamily

"id": "len12185522",
"linkid": "lendusfamily",
"type": "Breach",
"date": "02/2021",
"severity": "90",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Financial Services',
                        'name': 'LendUS',
                        'type': 'Company'}],
 'attack_vector': 'Email Account Access',
 'customer_advisories': 'Offered free credit monitoring services',
 'data_breach': {'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['personal information',
                                              'financial information',
                                              'payment card account '
                                              'information',
                                              'medical information',
                                              'health insurance information']},
 'description': 'The employee email accounts of LendUS were accessed by an '
                'unauthorized person at various times between February 2 to '
                'March 22, 2021. The compromised accounts contained '
                'attachments with personal information of employees and '
                'customers, including names, financial and payment card '
                'account information, medical and health insurance '
                'information.',
 'impact': {'data_compromised': ['personal information',
                                 'financial information',
                                 'payment card account information',
                                 'medical information',
                                 'health insurance information']},
 'initial_access_broker': {'entry_point': 'Email Accounts'},
 'investigation_status': 'Completed',
 'motivation': 'Data Theft',
 'response': {'communication_strategy': 'Notified impacted individuals',
              'remediation_measures': ['Credit Monitoring Services']},
 'threat_actor': 'Unauthorized Person',
 'title': 'LendUS Email Account Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Compromised Email Accounts'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.