The Vermont Office of the Attorney General reported a data breach at Lowe's Companies on October 9, 2024. The breach occurred on September 2, 2024, involving unauthorized access to employee accounts on Workday. The affected information included employee usernames and passwords, names, addresses, dates of birth, email addresses, phone numbers, and bank account numbers. The number of affected individuals is unknown.
Source: https://ago.vermont.gov/document/2024-10-09-lowes-companies-data-breach-notice-consumers
TPRM report: https://www.rankiteo.com/company/lowe's-home-improvement
"id": "low144072725",
"linkid": "lowe's-home-improvement",
"type": "Breach",
"date": "9/2024",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Retail',
'name': "Lowe's Companies",
'type': 'Corporation'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['employee usernames and '
'passwords',
'names',
'addresses',
'dates of birth',
'email addresses',
'phone numbers',
'bank account numbers']},
'date_detected': '2024-09-02',
'date_publicly_disclosed': '2024-10-09',
'description': 'Unauthorized access to employee accounts on Workday, '
'compromising sensitive employee information.',
'impact': {'data_compromised': ['employee usernames and passwords',
'names',
'addresses',
'dates of birth',
'email addresses',
'phone numbers',
'bank account numbers'],
'systems_affected': ['Workday']},
'references': [{'date_accessed': '2024-10-09',
'source': 'Vermont Office of the Attorney General'}],
'title': "Data Breach at Lowe's Companies",
'type': 'Data Breach'}