The information has been available due to a vulnerability in its outage app.
The information accessed includes the names, phone numbers and email addresses of customers who reported an outage through the app.
Data which could lead to the identification of their address have also been available.
No customers' financial or banking information was held in the app.
Source: https://www.rnz.co.nz/news/national/356031/vector-shuts-down-app-after-privacy-breach
TPRM report: https://scoringcyber.rankiteo.com/company/vectors-inc.
"id": "vec212421622",
"linkid": "vectors-inc.",
"type": "Vulnerability",
"date": "04/2018",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'industry': 'Utilities', 'type': 'Company'}],
'attack_vector': 'Vulnerability Exploitation',
'data_breach': {'personally_identifiable_information': ['Names',
'Phone numbers',
'Email addresses',
'Address-related '
'data'],
'sensitivity_of_data': 'Medium',
'type_of_data_compromised': ['Names',
'Phone numbers',
'Email addresses',
'Address-related data']},
'description': 'A vulnerability in the outage app exposed customer '
'information, including names, phone numbers, email addresses, '
'and data that could lead to the identification of their '
'address. No financial or banking information was compromised.',
'impact': {'data_compromised': ['Names',
'Phone numbers',
'Email addresses',
'Address-related data'],
'systems_affected': ['Outage app']},
'title': 'Data Breach Due to Vulnerability in Outage App',
'type': 'Data Breach',
'vulnerability_exploited': 'Vulnerability in the outage app'}