The Vermont Office of the Attorney General reported a data breach involving Yesway on January 24, 2024. The breach occurred due to a vulnerability in the MOVEit file transfer program used by Paycor, potentially exposing employee information. The number of affected individuals and specific types of compromised information are unknown.
TPRM report: https://www.rankiteo.com/company/yeswaystores
"id": "yes041072825",
"linkid": "yeswaystores",
"type": "Vulnerability",
"date": "11/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'name': 'Yesway', 'type': 'Company'}],
'attack_vector': 'Vulnerability Exploitation',
'data_breach': {'type_of_data_compromised': 'Employee Information'},
'date_publicly_disclosed': '2024-01-24',
'description': 'The Vermont Office of the Attorney General reported a data '
'breach involving Yesway on January 24, 2024. The breach '
'occurred due to a vulnerability in the MOVEit file transfer '
'program used by Paycor, potentially exposing employee '
'information. The number of affected individuals and specific '
'types of compromised information are unknown.',
'impact': {'data_compromised': 'Employee Information'},
'references': [{'date_accessed': '2024-01-24',
'source': 'Vermont Office of the Attorney General'}],
'title': 'Data Breach at Yesway',
'type': 'Data Breach',
'vulnerability_exploited': 'MOVEit file transfer program'}