Lending Tree, LLC suffered a data breach after it discovered a “code vulnerability” on its website.
The breach resulted in the names, addresses, Social Security numbers, and birth dates of certain individuals, however, some files containing additional data types were also identified on the dark web.
Lending Tree investigated the incident and sent out data breach letters to all affected parties.
Source: https://www.jdsupra.com/legalnews/lending-tree-llc-announces-data-breach-5149163/
TPRM report: https://scoringcyber.rankiteo.com/company/lendingtree
"id": "len163920722",
"linkid": "lendingtree",
"type": "Breach",
"date": "06/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Financial Services',
'name': 'Lending Tree, LLC',
'type': 'Company'}],
'attack_vector': 'Code Vulnerability',
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Addresses',
'Social Security Numbers',
'Birth Dates']},
'description': 'Lending Tree, LLC suffered a data breach after it discovered '
"a 'code vulnerability' on its website. The breach resulted in "
'the names, addresses, Social Security numbers, and birth '
'dates of certain individuals being exposed. Some files '
'containing additional data types were also identified on the '
'dark web.',
'impact': {'data_compromised': ['Names',
'Addresses',
'Social Security Numbers',
'Birth Dates']},
'initial_access_broker': {'data_sold_on_dark_web': True},
'response': {'communication_strategy': 'Data breach letters sent to all '
'affected parties'},
'title': 'Lending Tree Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Code Vulnerability'}