The California Office of the Attorney General reported a data breach involving Ascensus, Inc., concerning the Menzies Aviation (USA), Inc. 401(k) Plan on September 19, 2016. The breach occurred on August 23, 2016, due to a website configuration error that exposed personal information, including names, addresses, birth dates, and Social Security numbers, although the number of affected individuals is unspecified.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-63931
TPRM report: https://www.rankiteo.com/company/menzies-aviation
"id": "men934072625",
"linkid": "menzies-aviation",
"type": "Breach",
"date": "4/2016",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Financial Services',
'name': 'Ascensus, Inc.',
'type': 'Company'}],
'attack_vector': 'Website Configuration Error',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Addresses',
'Birth Dates',
'Social Security Numbers']},
'date_detected': '2016-09-19',
'date_publicly_disclosed': '2016-09-19',
'description': 'A data breach occurred at Ascensus, Inc., affecting the '
'Menzies Aviation (USA), Inc. 401(k) Plan due to a website '
'configuration error that exposed personal information.',
'impact': {'data_compromised': ['Names',
'Addresses',
'Birth Dates',
'Social Security Numbers']},
'post_incident_analysis': {'root_causes': 'Website Configuration Error'},
'references': [{'date_accessed': '2016-09-19',
'source': 'California Office of the Attorney General'}],
'title': 'Data Breach at Ascensus, Inc. Involving Menzies Aviation (USA), '
'Inc. 401(k) Plan',
'type': 'Data Breach',
'vulnerability_exploited': 'Website Configuration Error'}