The Washington State Office of the Attorney General disclosed a data breach at Cougar Den, Inc., where unauthorized actors gained access to employee email accounts between November 2020 and February 1, 2021. The incident exposed sensitive personal information of 757 Washington residents, including names, Social Security numbers, and financial data. The breach was detected after prolonged unauthorized access, and affected individuals were notified on May 7, 2021. The compromised data particularly Social Security numbers and financial records poses significant risks, including identity theft, financial fraud, and long-term reputational harm to the company. The prolonged duration of the breach (over three months) suggests potential vulnerabilities in email security protocols, allowing attackers sustained access to confidential employee and customer-related information. While the exact method of intrusion remains undisclosed, the exposure of such high-value data underscores the severity of the incident, particularly given the regulatory and legal obligations tied to safeguarding personally identifiable information (PII).
TPRM report: https://www.rankiteo.com/company/ramseycompaniesinc
"id": "ram246090125",
"linkid": "ramseycompaniesinc",
"type": "Breach",
"date": "11/2020",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '757',
'location': 'Washington, USA',
'name': 'Cougar Den, Inc.',
'type': 'Business'}],
'attack_vector': 'Unauthorized Access (Email Account Compromise)',
'customer_advisories': 'Notification sent to affected individuals (May 7, '
'2021)',
'data_breach': {'data_exfiltration': 'Likely (unauthorized access to email '
'accounts)',
'number_of_records_exposed': '757',
'personally_identifiable_information': ['Names',
'Social Security '
'Numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Financial Information']},
'date_publicly_disclosed': '2021-05-07',
'description': 'The Washington State Office of the Attorney General reported '
'that Cougar Den, Inc. experienced a data breach potentially '
'affecting the personal information of 757 Washington '
'residents. The breach involved unauthorized access to '
'employee email accounts from November 2020 to February 1, '
'2021, and included a variety of sensitive data such as names, '
'Social Security numbers, and financial information.',
'impact': {'data_compromised': ['Names',
'Social Security Numbers',
'Financial Information'],
'identity_theft_risk': 'High (PII and financial data exposed)',
'payment_information_risk': 'High (Financial information exposed)',
'systems_affected': ['Employee Email Accounts']},
'initial_access_broker': {'entry_point': 'Employee Email Accounts',
'reconnaissance_period': 'November 2020 to February '
'1, 2021'},
'references': [{'source': 'Washington State Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': 'Washington State '
'Office of the Attorney '
'General'},
'response': {'communication_strategy': 'Notification to affected individuals '
'(May 7, 2021)'},
'title': 'Cougar Den, Inc. Data Breach (2020-2021)',
'type': 'Data Breach'}