The California Office of the Attorney General disclosed a data breach affecting Peter Michael Winery in June 2015, originating from a compromise in a third-party e-commerce vendor’s system on April 12, 2015. The incident exposed sensitive customer information, including names, credit/debit card numbers, payment addresses, and dates of birth. While the exact number of impacted individuals remains undisclosed, the breach posed significant risks of financial fraud and identity theft. The exposure of payment card details and personal identifiers (e.g., dates of birth) heightens the potential for unauthorized transactions and long-term misuse of customer data. The breach underscores vulnerabilities in third-party vendor security, which can serve as entry points for cybercriminals targeting customer databases. No ransomware was involved, but the compromise of financial and personally identifiable information (PII) indicates a severe lapse in data protection protocols, potentially eroding customer trust and subjecting the company to regulatory scrutiny under data privacy laws.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-56353
TPRM report: https://www.rankiteo.com/company/peter-michael-winery
"id": "pet002091825",
"linkid": "peter-michael-winery",
"type": "Breach",
"date": "4/2015",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Unknown',
'industry': 'Winery / Hospitality',
'location': 'California, USA',
'name': 'Peter Michael Winery',
'type': 'Business'},
{'industry': 'E-Commerce',
'name': 'Unnamed Third-Party E-Commerce Vendor',
'type': 'Service Provider'}],
'attack_vector': 'Third-Party Vendor Compromise',
'data_breach': {'data_exfiltration': 'Likely (data accessed by unauthorized '
'party)',
'number_of_records_exposed': 'Unknown',
'personally_identifiable_information': ['Names',
'Dates of birth',
'Payment addresses'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Payment Card Data']},
'date_detected': '2015-04-12',
'date_publicly_disclosed': '2015-06-12',
'description': 'The California Office of the Attorney General reported a data '
'breach involving Peter Michael Winery on June 12, 2015. The '
'breach occurred on April 12, 2015, through a third-party '
'e-commerce vendor, potentially affecting customer names, '
'credit/debit card numbers, payment addresses, and dates of '
'birth.',
'impact': {'data_compromised': ['Customer names',
'Credit/Debit card numbers',
'Payment addresses',
'Dates of birth'],
'identity_theft_risk': 'Potential (due to PII exposure)',
'payment_information_risk': 'High (credit/debit card numbers '
'exposed)'},
'references': [{'date_accessed': '2015-06-12',
'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': 'California Office of '
'the Attorney General'},
'response': {'law_enforcement_notified': 'Yes (California Office of the '
'Attorney General)'},
'title': 'Peter Michael Winery Data Breach via Third-Party E-Commerce Vendor',
'type': 'Data Breach'}