The California Office of the Attorney General reported that Oak Ridge Associated Universities (ORAU) experienced a data breach due to unauthorized access from May 28, 2023, to May 30, 2023, involving personal information of individuals associated with the U.S. Department of Energy. The breach was facilitated through a vulnerability in the MOVEit Transfer software, and the specific number of individuals affected is unknown.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-572171
TPRM report: https://www.rankiteo.com/company/oakridgeassociateduniversities
"id": "oak644072725",
"linkid": "oakridgeassociateduniversities",
"type": "Vulnerability",
"date": "5/2023",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'industry': 'Education/Research',
'name': 'Oak Ridge Associated Universities (ORAU)',
'type': 'Organization'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'type_of_data_compromised': 'Personal Information'},
'date_detected': '2023-05-28',
'description': 'The California Office of the Attorney General reported that '
'Oak Ridge Associated Universities (ORAU) experienced a data '
'breach due to unauthorized access from May 28, 2023, to May '
'30, 2023, involving personal information of individuals '
'associated with the U.S. Department of Energy. The breach was '
'facilitated through a vulnerability in the MOVEit Transfer '
'software, and the specific number of individuals affected is '
'unknown.',
'impact': {'data_compromised': 'Personal Information'},
'references': [{'source': 'California Office of the Attorney General'}],
'title': 'Data Breach at Oak Ridge Associated Universities',
'type': 'Data Breach',
'vulnerability_exploited': 'MOVEit Transfer software vulnerability'}