SCUF Gaming International, LLC

On February 3, 2021, SCUF Gaming International, LLC experienced a data breach due to unauthorized access to its backend system. The incident potentially exposed sensitive customer payment information for transactions conducted between February 3 and March 16, 2021. Compromised data included cardholder names, email addresses, billing addresses, credit card numbers, expiration dates, and CVV codes. While the exact number of affected individuals remains undisclosed, the breach posed significant financial risks to customers, as the exposed details could facilitate fraudulent activities. The California Office of the Attorney General formally reported the breach on October 21, 2021, highlighting the severity of the data exposure and its implications for customer trust and financial security.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-546737

TPRM report: https://www.rankiteo.com/company/scuf-gaming

"id": "scu223091825",
"linkid": "scuf-gaming",
"type": "Breach",
"date": "2/2021",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Unknown (transactions between '
                                              '2021-02-03 and 2021-03-16)',
                        'industry': 'Gaming (Hardware/Peripherals)',
                        'name': 'SCUF Gaming International, LLC',
                        'type': 'Private Company'}],
 'attack_vector': 'Unauthorized Access',
 'data_breach': {'data_exfiltration': 'Likely',
                 'number_of_records_exposed': 'Unknown',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Payment Card Data (PCI)',
                                              'Personally Identifiable '
                                              'Information (PII)']},
 'date_publicly_disclosed': '2021-10-21',
 'description': 'The California Office of the Attorney General reported a data '
                'breach involving SCUF Gaming International, LLC. Unauthorized '
                "access to the company's backend system exposed credit card "
                'information of customers who made transactions between '
                'February 3 and March 16, 2021. Compromised data includes '
                'cardholder name, email address, billing address, credit card '
                'number, expiration date, and CVV. The specific number of '
                'affected individuals is unknown.',
 'impact': {'data_compromised': ['Cardholder Name',
                                 'Email Address',
                                 'Billing Address',
                                 'Credit Card Number',
                                 'Expiration Date',
                                 'CVV'],
            'identity_theft_risk': 'High',
            'payment_information_risk': 'High',
            'systems_affected': ['Backend System']},
 'initial_access_broker': {'high_value_targets': ['Payment Card Data']},
 'references': [{'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulations_violated': ['California Consumer '
                                                    'Privacy Act (CCPA)',
                                                    'Payment Card Industry '
                                                    'Data Security Standard '
                                                    '(PCI DSS)'],
                           'regulatory_notifications': ['California Office of '
                                                        'the Attorney '
                                                        'General']},
 'title': 'SCUF Gaming International, LLC Data Breach (2021)',
 'type': 'Data Breach'}