On July 22, 2022, the California Office of the Attorney General reported a data breach involving Zulily, LLC. The breach occurred between February 23, 2022, and June 15, 2022, due to an issue with the checkout page code, resulting in the exposure of customers' payment card information, including email addresses, card numbers, verification codes, and expiration dates.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-555541
TPRM report: https://www.rankiteo.com/company/zulily
"id": "zul137072625",
"linkid": "zulily",
"type": "Breach",
"date": "2/2022",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'E-commerce',
'name': 'Zulily, LLC',
'type': 'Company'}],
'attack_vector': 'Web Application Vulnerability',
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['email addresses',
'card numbers',
'verification codes',
'expiration dates']},
'date_detected': '2022-06-15',
'date_publicly_disclosed': '2022-07-22',
'description': "A data breach involving Zulily, LLC, exposed customers' "
'payment card information due to an issue with the checkout '
'page code.',
'impact': {'data_compromised': ['email addresses',
'card numbers',
'verification codes',
'expiration dates'],
'payment_information_risk': True},
'post_incident_analysis': {'root_causes': 'Checkout page code issue'},
'references': [{'date_accessed': '2022-07-22',
'source': 'California Office of the Attorney General'}],
'title': 'Zulily Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Checkout page code issue'}