A cyber attack that may have allowed unauthorised access to protected company data was discovered, according to VRM.
The organisation implemented the necessary data security precautions right once and is in constant touch with our cyber security specialists and data protection officers.
As required by the GDPR, the data protection authorities has been notified. A forensic assessment showed that none of the other IT systems used by VRM and the media firms for whom it provides services were affected.
Personal information from our subscribers, including name and address, is also included in the unauthorised downloads, but not bank details.
Source: https://vrm.de/cyberangriff-kundendaten-betroffen/
TPRM report: https://scoringcyber.rankiteo.com/company/vrm
"id": "vrm15424723",
"linkid": "vrm",
"type": "Data Leak",
"date": "06/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'name': 'VRM', 'type': 'Company'}],
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'Medium',
'type_of_data_compromised': ['Personal information including '
'name and address']},
'description': 'A cyber attack that may have allowed unauthorised access to '
'protected company data was discovered, according to VRM.',
'impact': {'data_compromised': ['Personal information including name and '
'address']},
'investigation_status': 'Completed',
'regulatory_compliance': {'regulatory_notifications': ['GDPR']},
'response': {'third_party_assistance': ['Cyber security specialists',
'Data protection officers']},
'title': 'Unauthorized Access to VRM Subscriber Data',
'type': 'Data Breach'}