The California Office of the Attorney General reported a data breach involving Terminix Global Holdings on October 9, 2020. The breach, which occurred from September 10 to September 22, 2020, involved unauthorized access to an employee's Office 365 account via a phishing scam, potentially exposing sensitive information related to 14,708 current and former employees, including names and social security numbers.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-194953
TPRM report: https://www.rankiteo.com/company/rentokilterminix
"id": "ren237072725",
"linkid": "rentokilterminix",
"type": "Breach",
"date": "9/2020",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Pest Control Services',
'name': 'Terminix Global Holdings',
'type': 'Company'}],
'attack_vector': 'Phishing',
'data_breach': {'number_of_records_exposed': 14708,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Social Security Numbers']},
'date_detected': '2020-09-10',
'date_publicly_disclosed': '2020-10-09',
'description': "Unauthorized access to an employee's Office 365 account via a "
'phishing scam, potentially exposing sensitive information '
'related to 14,708 current and former employees, including '
'names and social security numbers.',
'impact': {'data_compromised': ['Names', 'Social Security Numbers'],
'systems_affected': ['Office 365 account']},
'initial_access_broker': {'entry_point': 'Phishing Email'},
'post_incident_analysis': {'root_causes': 'Phishing Scam'},
'references': [{'date_accessed': '2020-10-09',
'source': 'California Office of the Attorney General'}],
'title': 'Terminix Global Holdings Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Human'}