Unified Trust Company, N.A.

The California Office of the Attorney General disclosed a data breach at Unified Trust Company, N.A., where unauthorized actors gained access to two employee email accounts between February 12–13, 2018. The incident was reported significantly later, on November 7, 2018, exposing personal information of approximately 14 residents in Rhode Island. While the breach was limited in scale, it involved the compromise of sensitive employee-related communications, potentially including confidential client or corporate data. The delayed detection and reporting further exacerbated risks, as the exposed period allowed prolonged unauthorized access. The nature of the breach suggests a targeted or opportunistic cyber intrusion, likely exploiting weak email security protocols, phishing, or credential theft. Though the exact type of personal information leaked was not detailed, the involvement of employee accounts raises concerns about internal data governance and the potential for broader operational or reputational harm.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-141606

TPRM report: https://www.rankiteo.com/company/unifiedtrust

"id": "uni004091825",
"linkid": "unifiedtrust",
"type": "Breach",
"date": "2/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'customers_affected': '14',
                        'industry': 'Trust and Wealth Management',
                        'location': 'United States (Affected residents in '
                                    'Rhode Island)',
                        'name': 'Unified Trust Company, N.A.',
                        'type': 'Financial Services'}],
 'attack_vector': 'Unauthorized Access (Email Compromise)',
 'data_breach': {'number_of_records_exposed': '14',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'Moderate (Personal Information)',
                 'type_of_data_compromised': ['Personal Information']},
 'date_publicly_disclosed': '2018-11-07',
 'description': 'The California Office of the Attorney General reported that '
                'Unified Trust Company, N.A. experienced a data breach '
                'involving unauthorized access to two employee email accounts '
                'between February 12, 2018, and February 13, 2018. The breach '
                'was reported on November 7, 2018, and affected personal '
                'information of approximately 14 residents in Rhode Island.',
 'impact': {'data_compromised': ['Personal Information'],
            'identity_theft_risk': 'Potential (Personal Information Exposed)',
            'systems_affected': ['Employee Email Accounts']},
 'initial_access_broker': {'entry_point': ['Employee Email Accounts']},
 'investigation_status': 'Reported',
 'references': [{'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['California Office of '
                                                        'the Attorney '
                                                        'General']},
 'response': {'communication_strategy': 'Public Disclosure via California '
                                        'Office of the Attorney General'},
 'title': 'Unified Trust Company, N.A. Data Breach (2018)',
 'type': 'Data Breach'}

Unified Trust Company, N.A.

Grafana: Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt

Reqrea: Millions Of Hotel Guests' IDs Left Open Online In Massive Security Blunder

Belambra, Gîtes de France and Pierre & Vacances-Center Parcs: Gîtes de France among three booking websites to be hit by cyberattack