On September 28, 2022, the Vermont Office of the Attorney General reported a data breach involving TD Bank that occurred in May 2022. An employee improperly accessed personal information of customers, potentially providing it to an unauthorized third party. The compromised information included names, addresses, social security numbers, dates of birth, transactional information, and account numbers.
Source: https://ago.vermont.gov/document/2022-09-28-td-bank-data-breach-notice-consumers
TPRM report: https://www.rankiteo.com/company/td
"id": "td724072725",
"linkid": "td",
"type": "Breach",
"date": "5/2022",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Banking',
'location': 'United States',
'name': 'TD Bank',
'type': 'Financial Institution'}],
'attack_vector': 'Insider Threat',
'data_breach': {'personally_identifiable_information': ['names',
'addresses',
'social security '
'numbers',
'dates of birth',
'account numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Information',
'Transactional Information']},
'date_detected': '2022-05-01',
'date_publicly_disclosed': '2022-09-28',
'description': 'An employee improperly accessed personal information of '
'customers, potentially providing it to an unauthorized third '
'party.',
'impact': {'data_compromised': ['names',
'addresses',
'social security numbers',
'dates of birth',
'transactional information',
'account numbers']},
'motivation': 'Unauthorized Data Access',
'references': [{'date_accessed': '2022-09-28',
'source': 'Vermont Office of the Attorney General'}],
'threat_actor': 'Employee',
'title': 'TD Bank Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Improper Access Controls'}