Breach cyber

Vermont Christmas Company

Nov 24, 2021 1 min read
Vermont Christmas Company

The Vermont Office of the Attorney General reported a data breach involving Vermont Christmas Company (VCC) on August 9, 2023. The unauthorized access occurred at third-party vendor CommerceV3 between November 24, 2021, and December 14, 2022, potentially impacting cardholder information including names, billing addresses, email addresses, payment card numbers, CVV codes, and expiration dates. The specific number of affected individuals is unknown.

Source: https://ago.vermont.gov/document/2023-08-09-vermont-christmas-company-data-breach-notice-consumers

TPRM report: https://www.rankiteo.com/company/vermontchristmascompany

"id": "ver210072725",
"linkid": "vermontchristmascompany",
"type": "Breach",
"date": "11/2021",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'industry': 'Retail',
                        'location': 'Vermont',
                        'name': 'Vermont Christmas Company',
                        'type': 'Retail'}],
 'attack_vector': 'Unauthorized Access',
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['names',
                                              'billing addresses',
                                              'email addresses',
                                              'payment card numbers',
                                              'CVV codes',
                                              'expiration dates']},
 'date_detected': '2023-08-09',
 'date_publicly_disclosed': '2023-08-09',
 'description': 'The Vermont Office of the Attorney General reported a data '
                'breach involving Vermont Christmas Company (VCC) on August 9, '
                '2023. The unauthorized access occurred at third-party vendor '
                'CommerceV3 between November 24, 2021, and December 14, 2022, '
                'potentially impacting cardholder information including names, '
                'billing addresses, email addresses, payment card numbers, CVV '
                'codes, and expiration dates. The specific number of affected '
                'individuals is unknown.',
 'impact': {'data_compromised': ['names',
                                 'billing addresses',
                                 'email addresses',
                                 'payment card numbers',
                                 'CVV codes',
                                 'expiration dates'],
            'payment_information_risk': True},
 'references': [{'date_accessed': '2023-08-09',
                 'source': 'Vermont Office of the Attorney General'}],
 'title': 'Data Breach at Vermont Christmas Company',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.