Vitamin Portfolio

On August 31, 2020, Vitamin Portfolio experienced a data breach that exposed sensitive customer information, including credit card details, names, and addresses. The incident was reported to the Maine Attorney General's Office on February 14, 2021, with notifications sent to the 14,412 affected individuals including 78 Maine residents on February 10, 2021. The unauthorized access compromised financial and personal data, posing risks of identity theft, fraud, and financial loss for those impacted. While the breach did not involve ransomware or systemic operational disruptions, the exposure of payment card information and personally identifiable data (PII) underscored significant vulnerabilities in the company’s data protection measures. The delayed discovery and reporting further exacerbated potential reputational damage and regulatory scrutiny.

Source: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/0b5b157a-c4fd-4ed2-846c-a99b82c9989d.shtml

TPRM report: https://www.rankiteo.com/company/vitamin-ventures

"id": "vit124082125",
"linkid": "vitamin-ventures",
"type": "Breach",
"date": "8/2020",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '14,412 (including 78 Maine '
                                              'residents)',
                        'name': 'Vitamin Portfolio',
                        'type': 'Company'},
                       {'industry': 'Legal/Regulatory',
                        'location': 'Maine, USA',
                        'name': "Maine Attorney General's Office",
                        'type': 'Government'}],
 'customer_advisories': 'Notification letters sent (2021-02-10)',
 'data_breach': {'data_exfiltration': 'Likely (unauthorized access confirmed)',
                 'number_of_records_exposed': '14,412',
                 'personally_identifiable_information': ['names', 'addresses'],
                 'sensitivity_of_data': 'High (PII and payment data)',
                 'type_of_data_compromised': ['credit card information',
                                              'personally identifiable '
                                              'information (names, '
                                              'addresses)']},
 'date_publicly_disclosed': '2021-02-14',
 'description': 'Unauthorized access to credit card information and personal '
                'data (names, addresses) of 14,412 individuals, including 78 '
                'Maine residents. The breach was reported to the Maine '
                "Attorney General's Office on February 14, 2021, with "
                'notification letters sent to affected individuals on February '
                '10, 2021.',
 'impact': {'data_compromised': ['credit card information',
                                 'names',
                                 'addresses'],
            'identity_theft_risk': 'Potential (due to exposed PII)',
            'payment_information_risk': 'High (credit card information '
                                        'exposed)'},
 'references': [{'source': "Maine Attorney General's Office"}],
 'regulatory_compliance': {'regulatory_notifications': 'Maine Attorney '
                                                       "General's Office "
                                                       '(reported 2021-02-14)'},
 'response': {'communication_strategy': 'Notification letters sent to affected '
                                        'individuals (2021-02-10)'},
 'title': 'Vitamin Portfolio Data Breach (2020)',
 'type': 'Data Breach'}