The California Office of the Attorney General reported a data breach involving RCI, LLC on March 1, 2024. The breach occurred between May 31, 2023, and June 1, 2023, due to a vulnerability in the MOVEit Transfer application exploited by the CLOP group, potentially exposing individuals' names, addresses, and government identification numbers.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-581805
TPRM report: https://www.rankiteo.com/company/root-cause-insights
"id": "roo833072625",
"linkid": "root-cause-insights",
"type": "Vulnerability",
"date": "5/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'name': 'RCI, LLC', 'type': 'Company'}],
'attack_vector': 'Exploitation of Vulnerability',
'data_breach': {'personally_identifiable_information': True,
'type_of_data_compromised': ['names',
'addresses',
'government identification '
'numbers']},
'date_detected': '2024-03-01',
'date_publicly_disclosed': '2024-03-01',
'description': 'The California Office of the Attorney General reported a data '
'breach involving RCI, LLC on March 1, 2024. The breach '
'occurred between May 31, 2023, and June 1, 2023, due to a '
'vulnerability in the MOVEit Transfer application exploited by '
"the CLOP group, potentially exposing individuals' names, "
'addresses, and government identification numbers.',
'impact': {'data_compromised': ['names',
'addresses',
'government identification numbers']},
'references': [{'date_accessed': '2024-03-01',
'source': 'California Office of the Attorney General'}],
'threat_actor': 'CLOP group',
'title': 'Data Breach at RCI, LLC',
'type': 'Data Breach',
'vulnerability_exploited': 'MOVEit Transfer application vulnerability'}