Breach cyber

Nutraceutical Wellness Inc.

Apr 10, 2019 1 min read
Nutraceutical Wellness Inc.

On April 10, 2019, Nutraceutical Wellness Inc., operating as Nutrafol, suffered a data breach involving unauthorized third-party access to its systems. The incident was discovered on September 11, 2019, and reported by the California Office of the Attorney General on October 16, 2019. The breach exposed sensitive personal information of customers, including names, addresses, and credit card details. While the exact scale of the breach was not specified, the compromised data suggests a significant risk of financial fraud and identity theft for affected individuals. The delay in detection (over five months) further heightened the potential for misuse of the stolen information. The company did not disclose whether ransomware was involved, but the nature of the breach indicates a targeted cyber intrusion aimed at extracting valuable customer data for malicious purposes.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-183532

TPRM report: https://www.rankiteo.com/company/nutrafol

"id": "nut027090625",
"linkid": "nutrafol",
"type": "Breach",
"date": "4/2019",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Health & Wellness (Nutraceuticals)',
                        'location': 'California, USA',
                        'name': 'Nutraceutical Wellness Inc. (Nutrafol)',
                        'type': 'Private Company'}],
 'data_breach': {'data_exfiltration': 'Likely',
                 'personally_identifiable_information': ['Names', 'Addresses'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Payment Information']},
 'date_detected': '2019-09-11',
 'date_publicly_disclosed': '2019-10-16',
 'description': 'The California Office of the Attorney General reported that '
                'Nutraceutical Wellness Inc., doing business as Nutrafol, '
                'experienced a data breach on April 10, 2019. The breach '
                'involved unauthorized access by a third party, detected on '
                'September 11, 2019, potentially compromising personal '
                'information such as names, addresses, and credit card '
                'details.',
 'impact': {'data_compromised': ['Names',
                                 'Addresses',
                                 'Credit Card Information'],
            'identity_theft_risk': 'Potential',
            'payment_information_risk': 'High'},
 'references': [{'date_accessed': '2019-10-16',
                 'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulations_violated': ['California Consumer '
                                                    'Privacy Act (CCPA) - '
                                                    'Potential'],
                           'regulatory_notifications': ['California Office of '
                                                        'the Attorney '
                                                        'General']},
 'response': {'communication_strategy': 'Public Disclosure via California '
                                        'Office of the Attorney General'},
 'threat_actor': 'Third Party (Unauthorized Access)',
 'title': 'Nutrafol Data Breach (2019)',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.