Breach cyber

Stericycle, Inc.

Oct 1, 2019 1 min read
Stericycle, Inc.

The California Office of the Attorney General reported a data breach involving Stericycle, Inc. on August 31, 2020. The breach occurred between October 1, 2019, and April 8, 2020, due to email phishing attempts that compromised employee email accounts. The types of personal information potentially affected include names, Social Security Numbers, Tax ID Numbers, Driver's License Numbers, and financial account/payment card numbers, but no evidence exists that the information was accessed by unauthorized individuals.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-193609

TPRM report: https://scoringcyber.rankiteo.com/company/stericycle

"id": "ste456072625",
"linkid": "stericycle",
"type": "Breach",
"date": "10/2019",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'name': 'Stericycle, Inc.', 'type': 'Company'}],
 'attack_vector': 'Phishing',
 'data_breach': {'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Names',
                                              'Social Security Numbers',
                                              'Tax ID Numbers',
                                              "Driver's License Numbers",
                                              'Financial account/payment card '
                                              'numbers']},
 'date_detected': '2020-08-31',
 'date_publicly_disclosed': '2020-08-31',
 'description': 'The California Office of the Attorney General reported a data '
                'breach involving Stericycle, Inc. on August 31, 2020. The '
                'breach occurred between October 1, 2019, and April 8, 2020, '
                'due to email phishing attempts that compromised employee '
                'email accounts. The types of personal information potentially '
                'affected include names, Social Security Numbers, Tax ID '
                "Numbers, Driver's License Numbers, and financial "
                'account/payment card numbers, but no evidence exists that the '
                'information was accessed by unauthorized individuals.',
 'impact': {'data_compromised': ['Names',
                                 'Social Security Numbers',
                                 'Tax ID Numbers',
                                 "Driver's License Numbers",
                                 'Financial account/payment card numbers']},
 'initial_access_broker': {'entry_point': 'Email Phishing'},
 'post_incident_analysis': {'root_causes': 'Email Phishing'},
 'references': [{'date_accessed': '2020-08-31',
                 'source': 'California Office of the Attorney General'}],
 'title': 'Stericycle, Inc. Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Email Phishing'}
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

Risika

public 1 min read
An enormous database, containing millions of highly sensitive information on Swedish citizens, was left unsecured online. The data included people’…
Jeremy C Jeremy C
Breach cyber

Toptal

public 1 min read
Hackers compromised Toptal's GitHub organization account, gaining access to publish ten malicious packages on the Node Package Manager…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.