The California Office of the Attorney General reported a data breach involving Transamerica Retirement Solutions, LLC on October 13, 2017. The breach occurred between January 3, 2017, and August 29, 2017, when unauthorized access to user accounts was gained using compromised third-party credentials. The affected information included names, addresses, Social Security numbers, dates of birth, financial account information, and employment details.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-102679
TPRM report: https://www.rankiteo.com/company/transamerica
"id": "tra909072725",
"linkid": "transamerica",
"type": "Breach",
"date": "1/2017",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Financial Services',
'name': 'Transamerica Retirement Solutions, LLC',
'type': 'Company'}],
'attack_vector': 'Compromised third-party credentials',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['names',
'addresses',
'Social Security numbers',
'dates of birth',
'financial account information',
'employment details']},
'date_detected': '2017-08-29',
'date_publicly_disclosed': '2017-10-13',
'description': 'Unauthorized access to user accounts using compromised '
'third-party credentials, exposing personal and financial '
'information.',
'impact': {'data_compromised': ['names',
'addresses',
'Social Security numbers',
'dates of birth',
'financial account information',
'employment details']},
'initial_access_broker': {'entry_point': 'Compromised third-party '
'credentials'},
'post_incident_analysis': {'root_causes': 'Weak third-party credential '
'management'},
'references': [{'date_accessed': '2017-10-13',
'source': 'California Office of the Attorney General'}],
'title': 'Transamerica Retirement Solutions Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Weak third-party credential management'}