The California Office of the Attorney General reported a data breach involving TRUEbenefits LLC on September 18, 2017. The breach was identified between May 18 and May 19, 2017, due to a phishing email sent from an employee's account, potentially exposing individuals' names and Social Security numbers. The number of individuals affected was not specified.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-101975
TPRM report: https://www.rankiteo.com/company/truebenefits-llc_2
"id": "tru951072825",
"linkid": "truebenefits-llc_2",
"type": "Breach",
"date": "5/2017",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'name': 'TRUEbenefits LLC', 'type': 'Company'}],
'attack_vector': 'Phishing',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ["Individuals' names",
'Social Security numbers']},
'date_detected': '2017-05-18 to 2017-05-19',
'date_publicly_disclosed': '2017-09-18',
'description': 'The California Office of the Attorney General reported a data '
'breach involving TRUEbenefits LLC on September 18, 2017. The '
'breach was identified between May 18 and May 19, 2017, due to '
"a phishing email sent from an employee's account, potentially "
"exposing individuals' names and Social Security numbers. The "
'number of individuals affected was not specified.',
'impact': {'data_compromised': ["Individuals' names",
'Social Security numbers']},
'initial_access_broker': {'entry_point': 'Phishing email'},
'post_incident_analysis': {'root_causes': 'Phishing email sent from an '
"employee's account"},
'references': [{'date_accessed': '2017-09-18',
'source': 'California Office of the Attorney General'}],
'title': 'TRUEbenefits LLC Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Human Error'}