The California Office of the Attorney General reported a data breach involving Marks & Associates on August 14, 2019. The breach occurred in November 2018 and was a result of a social engineering scam that compromised an employee's email account and portions of their network, potentially exposing personal data including names and social security numbers. The exact number of individuals affected is unknown.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-149761
TPRM report: https://www.rankiteo.com/company/marks-and-associates
"id": "mar834080425",
"linkid": "marks-and-associates",
"type": "Breach",
"date": "11/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'name': 'Marks & Associates', 'type': 'Company'}],
'attack_vector': 'Social Engineering',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Social Security Numbers']},
'date_detected': '2018-11-01',
'date_publicly_disclosed': '2019-08-14',
'description': 'The California Office of the Attorney General reported a data '
'breach involving Marks & Associates on August 14, 2019. The '
'breach occurred in November 2018 and was a result of a social '
"engineering scam that compromised an employee's email account "
'and portions of their network, potentially exposing personal '
'data including names and social security numbers. The exact '
'number of individuals affected is unknown.',
'impact': {'data_compromised': ['Names', 'Social Security Numbers'],
'systems_affected': ['Email Account', 'Network']},
'initial_access_broker': {'entry_point': 'Email Account'},
'post_incident_analysis': {'root_causes': 'Social Engineering'},
'references': [{'date_accessed': '2019-08-14',
'source': 'California Office of the Attorney General'}],
'title': 'Data Breach at Marks & Associates',
'type': 'Data Breach',
'vulnerability_exploited': 'Human Error'}