On July 30, 2020, the California Office of the Attorney General disclosed a data breach at The Credit Pros International, where unauthorized actors gained access to sensitive personal information over an extended period from July 9, 2016, to December 15, 2019. The compromised data included names, addresses, Social Security numbers, and driver’s license numbers of affected individuals, though the exact number of victims remains undisclosed. The prolonged exposure suggests systemic vulnerabilities in the company’s data security measures, potentially enabling identity theft, financial fraud, or other malicious activities targeting the exposed individuals. The breach underscores the risks associated with inadequate safeguards for personally identifiable information (PII), particularly in industries handling financial and credit-related data. While no immediate evidence of misuse was reported, the scale and sensitivity of the leaked data pose long-term threats to the affected parties, including reputational harm to the company and regulatory scrutiny under data protection laws like the California Consumer Privacy Act (CCPA).
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-192608
TPRM report: https://www.rankiteo.com/company/thecreditpros
"id": "the141082125",
"linkid": "thecreditpros",
"type": "Breach",
"date": "7/2016",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Unknown',
'industry': 'Credit Repair / Financial Services',
'location': 'California, USA',
'name': 'The Credit Pros International',
'type': 'Company'}],
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': 'Unknown',
'personally_identifiable_information': ['names',
'addresses',
'Social Security '
'numbers',
'driver’s license '
'numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)']},
'date_publicly_disclosed': '2020-07-30',
'description': 'On July 30, 2020, the California Office of the Attorney '
'General reported a data breach incident involving The Credit '
'Pros International that allowed unauthorized access to '
'personal information from July 9, 2016, to December 15, 2019. '
'Compromised information included names, addresses, Social '
'Security numbers, and driver’s license numbers of individuals '
'affected, although the exact number of affected individuals '
'is unknown.',
'impact': {'data_compromised': ['names',
'addresses',
'Social Security numbers',
'driver’s license numbers'],
'identity_theft_risk': 'High (PII exposed)'},
'initial_access_broker': {'high_value_targets': ['PII of customers'],
'reconnaissance_period': 'July 9, 2016 – December '
'15, 2019 (unauthorized '
'access period)'},
'references': [{'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulations_violated': ['Potential violation of '
'California Consumer '
'Privacy Act (CCPA) or '
'other state/federal data '
'protection laws'],
'regulatory_notifications': ['California Office of '
'the Attorney '
'General']},
'title': 'Data Breach at The Credit Pros International',
'type': 'Data Breach'}