Overseas Service Corporation (“OSC”) suffered a data breach followed by a phishing email incident that involved a small number of email accounts in its computing environment.
The phishing email incident resulted in unauthorized access to the information contained in some email accounts, including names accompanied by Social Security numbers, financial/checking account numbers, payment card numbers, driver’s license numbers, and limited medical/health information.
OSC mailed letters to individuals whose information was involved in the incident and also established a dedicated call centre for individuals to call with questions about the incident.
Source: https://www.databreaches.net/overseas-service-corporation-notification-of-a-breach/
TPRM report: https://scoringcyber.rankiteo.com/company/overseas-strategic-consulting
"id": "ove201813123",
"linkid": "overseas-strategic-consulting",
"type": "Data Leak",
"date": "03/2021",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'name': 'Overseas Service Corporation',
'type': 'Company'}],
'attack_vector': 'Phishing Email',
'customer_advisories': 'Mailed letters to affected individuals, established a '
'dedicated call centre',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['names',
'Social Security numbers',
'financial/checking account '
'numbers',
'payment card numbers',
'driver’s license numbers',
'limited medical/health '
'information']},
'description': 'Overseas Service Corporation ("OSC") suffered a data breach '
'followed by a phishing email incident that involved a small '
'number of email accounts in its computing environment. The '
'phishing email incident resulted in unauthorized access to '
'the information contained in some email accounts, including '
'names accompanied by Social Security numbers, '
'financial/checking account numbers, payment card numbers, '
'driver’s license numbers, and limited medical/health '
'information. OSC mailed letters to individuals whose '
'information was involved in the incident and also established '
'a dedicated call centre for individuals to call with '
'questions about the incident.',
'impact': {'data_compromised': ['names',
'Social Security numbers',
'financial/checking account numbers',
'payment card numbers',
'driver’s license numbers',
'limited medical/health information'],
'systems_affected': 'Email accounts'},
'initial_access_broker': {'entry_point': 'Phishing Email'},
'response': {'communication_strategy': 'Mailed letters to affected '
'individuals, established a dedicated '
'call centre'},
'title': 'Overseas Service Corporation Data Breach and Phishing Incident',
'type': 'Data Breach, Phishing'}