The California Office of the Attorney General disclosed a data breach affecting Round Pond Estate in June 2015. The incident was linked to a compromise in their third-party consumer direct sales systems provider, Missing Link Networks, Inc. Between April 1, 2015, and April 30, 2015, attackers potentially accessed sensitive customer payment data, including credit/debit card details (names, card numbers, payment addresses), passwords, and dates of birth. The breach exposed financial and personally identifiable information (PII), raising risks of fraud, identity theft, and unauthorized transactions. While the exact number of affected individuals was not specified, the exposure of payment card data—combined with additional personal identifiers—heightened the severity due to the potential for direct financial harm and reputational damage to both the company and its customers. The breach underscored vulnerabilities in third-party vendor systems and the broader supply chain risks associated with payment processing infrastructures.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-56457
TPRM report: https://www.rankiteo.com/company/round-pond-estate
"id": "rou036091825",
"linkid": "round-pond-estate",
"type": "Breach",
"date": "4/2015",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Hospitality / Wine Production',
'location': 'California, USA',
'name': 'Round Pond Estate',
'type': 'Business (Winery)'},
{'industry': 'Technology / Payment Processing',
'name': 'Missing Link Networks, Inc.',
'type': 'Service Provider (Consumer Direct Sales '
'Systems)'}],
'data_breach': {'data_exfiltration': 'Likely (credit/debit card data exposed)',
'personally_identifiable_information': ['Names',
'Dates of birth',
'Payment addresses',
'Passwords'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Payment Card Data']},
'date_publicly_disclosed': '2015-06-18',
'description': 'The California Office of the Attorney General reported a data '
'breach involving Round Pond Estate on June 18, 2015. The '
'breach, reported by their consumer direct sales systems '
'provider Missing Link Networks, Inc., potentially exposed '
'credit and debit card data from April 1, 2015 to April 30, '
'2015, affecting customer names, card numbers, related payment '
'addresses, passwords, and dates of birth.',
'impact': {'data_compromised': ['Customer names',
'Credit/debit card numbers',
'Payment addresses',
'Passwords',
'Dates of birth'],
'identity_theft_risk': 'High (PII and payment data exposed)',
'payment_information_risk': 'High (credit/debit card numbers '
'exposed)',
'systems_affected': ['Consumer direct sales systems (via Missing '
'Link Networks, Inc.)']},
'references': [{'date_accessed': '2015-06-18',
'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': 'California Office of '
'the Attorney General'},
'response': {'law_enforcement_notified': 'Yes (California Office of the '
'Attorney General)'},
'title': 'Round Pond Estate Data Breach via Missing Link Networks, Inc.',
'type': 'Data Breach'}