Tuition website TrueFire suffered a data breach incident after an “unauthorised person” accessed the company’s computer system and specifically unencrypted information that was entered into its website, for a period of over five months.
The ‘unauthorised user’ had potentially been able to harvest sensitive customer information as it was being entered into the site.
The breach exposed information including name, address, payment card account number, card expiration date and security code.
TrueFire recommended the affected users review payment card statements for suspicious activity, as well as follow standard preventative measures against identity theft.
Source: https://guitar.com/news/industry-news/truefire-data-breach/
TPRM report: https://scoringcyber.rankiteo.com/company/truefire
"id": "tru115641222",
"linkid": "truefire",
"type": "Breach",
"date": "03/2020",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Education',
'name': 'TrueFire',
'type': 'Company'}],
'attack_vector': 'Unauthorized Access',
'customer_advisories': ['Review payment card statements',
'Follow standard preventative measures against '
'identity theft'],
'data_breach': {'data_encryption': 'None',
'personally_identifiable_information': ['name', 'address'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information',
'Payment Information']},
'description': 'TrueFire suffered a data breach incident after an '
'‘unauthorised person’ accessed the company’s computer system '
'and specifically unencrypted information that was entered '
'into its website, for a period of over five months. The '
'‘unauthorised user’ had potentially been able to harvest '
'sensitive customer information as it was being entered into '
'the site. The breach exposed information including name, '
'address, payment card account number, card expiration date '
'and security code. TrueFire recommended the affected users '
'review payment card statements for suspicious activity, as '
'well as follow standard preventative measures against '
'identity theft.',
'impact': {'data_compromised': ['name',
'address',
'payment card account number',
'card expiration date',
'security code'],
'identity_theft_risk': 'High',
'payment_information_risk': 'High'},
'initial_access_broker': {'entry_point': 'Website',
'reconnaissance_period': 'Over five months'},
'motivation': 'Data Theft',
'post_incident_analysis': {'root_causes': 'Unencrypted data'},
'recommendations': ['Encrypt sensitive data',
'Monitor for suspicious activity'],
'response': {'communication_strategy': ['Recommended users review payment '
'card statements',
'Follow standard preventative '
'measures against identity theft']},
'threat_actor': 'Unauthorized Person',
'title': 'TrueFire Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Unencrypted Data'}