On March 13, 2024, the California Office of the Attorney General disclosed a data breach affecting Teleflora, a floral wire service company. The incident, which occurred on November 9, 2023, involved unauthorized access to files containing sensitive personal information, specifically names and Social Security Numbers (SSNs) of individuals. The exact number of affected individuals remains unknown, but the exposure of SSNs poses a significant risk of identity theft, financial fraud, and long-term reputational harm to those impacted.The breach highlights vulnerabilities in Teleflora’s data security measures, as threat actors successfully infiltrated systems housing highly confidential customer data. While the company has not provided details on the attack vector (e.g., phishing, exploitation of unpatched systems), the compromise of SSNs critical identifiers for financial and governmental verification elevates the severity of the incident. Affected individuals may face prolonged monitoring of credit reports, potential fraudulent account openings, and other malicious activities stemming from the exposed data.Teleflora’s response, including notification protocols and remediation efforts, was not specified in the report. However, the breach underscores the growing targeting of mid-sized enterprises by cybercriminals seeking valuable personal data for monetization or further attacks.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-582403
TPRM report: https://www.rankiteo.com/company/the-wonderful-company
"id": "the038090625",
"linkid": "the-wonderful-company",
"type": "Breach",
"date": "11/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Unknown',
'industry': 'Floral Delivery / E-commerce',
'location': 'California, USA',
'name': 'Teleflora',
'type': 'Company'}],
'data_breach': {'data_exfiltration': 'Yes (unauthorized access to files)',
'personally_identifiable_information': ['Names',
'Social Security '
'Numbers'],
'sensitivity_of_data': 'High (includes SSNs)',
'type_of_data_compromised': ['Personal Information']},
'date_detected': '2023-11-09',
'date_publicly_disclosed': '2024-03-13',
'description': 'On March 13, 2024, the California Office of the Attorney '
'General reported a data breach involving Teleflora that '
'occurred on November 9, 2023. The breach involved '
'unauthorized access to files containing personal information, '
'including names and Social Security Numbers. Affected '
'individuals are currently unknown.',
'impact': {'data_compromised': ['names', 'Social Security Numbers'],
'identity_theft_risk': 'High (SSNs exposed)'},
'investigation_status': 'Ongoing (affected individuals unknown)',
'references': [{'date_accessed': '2024-03-13',
'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulations_violated': ['California Data Breach '
'Notification Law '
'(likely)'],
'regulatory_notifications': ['California Office of '
'the Attorney '
'General']},
'title': 'Teleflora Data Breach - November 2023',
'type': 'Data Breach'}