On August 29, 2017, the California Office of the Attorney General reported a data breach involving Massachusetts Mutual Life Insurance Company (MassMutual) which occurred on August 17, 2017. The breach involved unauthorized access to nonpublic personally identifiable information (PII) of clients as a result of social engineering tactics exploiting the access credentials of two insurance agents. The total number of individuals affected is currently unknown.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-101464
TPRM report: https://www.rankiteo.com/company/massmutual-financial-group
"id": "mas345072525",
"linkid": "massmutual-financial-group",
"type": "Breach",
"date": "8/2017",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Insurance',
'location': 'Massachusetts',
'name': 'Massachusetts Mutual Life Insurance Company '
'(MassMutual)',
'type': 'Insurance Company'}],
'attack_vector': 'Social Engineering',
'data_breach': {'personally_identifiable_information': 'Nonpublic PII',
'type_of_data_compromised': 'PII'},
'date_detected': '2017-08-29',
'date_publicly_disclosed': '2017-08-29',
'description': 'Unauthorized access to nonpublic personally identifiable '
'information (PII) of clients as a result of social '
'engineering tactics exploiting the access credentials of two '
'insurance agents.',
'impact': {'data_compromised': 'PII'},
'initial_access_broker': {'entry_point': 'Access Credentials'},
'post_incident_analysis': {'root_causes': 'Social Engineering'},
'references': [{'date_accessed': '2017-08-29',
'source': 'California Office of the Attorney General'}],
'title': 'MassMutual Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Access Credentials'}