The California Office of the Attorney General reported a data breach involving Windhaven Investment Management, Inc. on September 23, 2013. The breach resulted from unauthorized access to a web server maintained by a third-party vendor, potentially exposing information such as names, account numbers, and investment positions, although no specific number of individuals affected was provided.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-42740
TPRM report: https://www.rankiteo.com/company/windhaven-investment-management
"id": "win512080425",
"linkid": "windhaven-investment-management",
"type": "Breach",
"date": "9/2013",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'industry': 'Financial Services',
'name': 'Windhaven Investment Management, Inc.',
'type': 'Company'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'personally_identifiable_information': ['names',
'account numbers'],
'type_of_data_compromised': ['names',
'account numbers',
'investment positions']},
'date_detected': '2013-09-23',
'date_publicly_disclosed': '2013-09-23',
'description': 'The California Office of the Attorney General reported a data '
'breach involving Windhaven Investment Management, Inc. on '
'September 23, 2013. The breach resulted from unauthorized '
'access to a web server maintained by a third-party vendor, '
'potentially exposing information such as names, account '
'numbers, and investment positions, although no specific '
'number of individuals affected was provided.',
'impact': {'data_compromised': ['names',
'account numbers',
'investment positions'],
'systems_affected': ['web server']},
'initial_access_broker': {'entry_point': 'web server'},
'references': [{'date_accessed': '2013-09-23',
'source': 'California Office of the Attorney General'}],
'title': 'Data Breach at Windhaven Investment Management, Inc.',
'type': 'Data Breach',
'vulnerability_exploited': 'Web Server'}