Woodruff Sawyer & Co.

The Washington State Office of the Attorney General reported a data breach involving Woodruff Sawyer & Co. on November 10, 2020. The breach, which involved unauthorized access to employee email accounts, occurred between March 2, 2020, and March 3, 2020, affecting 2,393 Washington residents. The compromised information included names, full dates of birth, and medical information.

Source: https://www.atg.wa.gov/data-breach-notifications | https://data.wa.gov/resource/sb4j-ca4h.json?id=10359

TPRM report: https://www.rankiteo.com/company/woodruff-sawyer

"id": "woo226072625",
"linkid": "woodruff-sawyer",
"type": "Breach",
"date": "3/2020",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'customers_affected': 2393,
                        'industry': 'Insurance',
                        'location': 'Washington',
                        'name': 'Woodruff Sawyer & Co.',
                        'type': 'Company'}],
 'attack_vector': 'Email Account Compromise',
 'data_breach': {'number_of_records_exposed': 2393,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Names',
                                              'Full Dates of Birth',
                                              'Medical Information']},
 'date_detected': '2020-11-10',
 'date_publicly_disclosed': '2020-11-10',
 'description': 'Unauthorized access to employee email accounts compromising '
                'personal and medical information.',
 'impact': {'data_compromised': ['Names',
                                 'Full Dates of Birth',
                                 'Medical Information']},
 'references': [{'date_accessed': '2020-11-10',
                 'source': 'Washington State Office of the Attorney General'}],
 'title': 'Woodruff Sawyer & Co. Data Breach',
 'type': 'Data Breach'}