The Topps Company, Inc.

The California Office of the Attorney General disclosed a data breach affecting The Topps Company, Inc. in February 2019. The incident involved unauthorized access to the company’s website, exposing personal and payment information of customers who made purchases between November 19, 2018, and January 9, 2019. Compromised data included names, addresses, email addresses, and payment details, though the exact number of affected individuals was not specified. The breach was detected on December 26, 2018, prompting the company to implement enhanced security measures post-incident. While no evidence suggested misuse of the stolen data, the exposure of financial and personally identifiable information (PII) posed significant risks, including potential fraud or identity theft for affected customers. The breach underscored vulnerabilities in Topps’ digital infrastructure, particularly in safeguarding transactional data during the holiday shopping period.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-144902

TPRM report: https://www.rankiteo.com/company/topps-company-inc

"id": "top1003091725",
"linkid": "topps-company-inc",
"type": "Breach",
"date": "11/2018",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Customers who made purchases '
                                              'between 2018-11-19 and '
                                              '2019-01-09',
                        'industry': 'Sports Trading Cards / Collectibles',
                        'location': 'California, USA',
                        'name': 'The Topps Company, Inc.',
                        'type': 'Corporation'}],
 'data_breach': {'data_exfiltration': 'Potential',
                 'personally_identifiable_information': ['names',
                                                         'addresses',
                                                         'email addresses'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['personal information',
                                              'payment information']},
 'date_detected': '2018-12-26',
 'date_publicly_disclosed': '2019-02-21',
 'description': 'The California Office of the Attorney General reported a data '
                'breach involving The Topps Company, Inc. on February 21, '
                '2019. The breach potentially exposed personal information of '
                'customers who made purchases through the Topps website '
                'between November 19, 2018, and January 9, 2019, including '
                'names, addresses, email addresses, and payment information. '
                'The unauthorized access was detected on December 26, 2018, '
                'and measures to enhance security were implemented following '
                'the incident.',
 'impact': {'data_compromised': ['names',
                                 'addresses',
                                 'email addresses',
                                 'payment information'],
            'identity_theft_risk': 'Potential',
            'payment_information_risk': 'Potential',
            'systems_affected': ['Topps website']},
 'post_incident_analysis': {'corrective_actions': ['Enhanced security '
                                                   'measures']},
 'references': [{'date_accessed': '2019-02-21',
                 'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['California Office of '
                                                        'the Attorney '
                                                        'General']},
 'response': {'remediation_measures': ['Enhanced security measures']},
 'title': 'Data Breach at The Topps Company, Inc.',
 'type': 'Data Breach'}