Cyber Incident Victim: Colonial Park Realty Co
Date: Apr 2020
Location: United States of America
Summary
Colonial Park Realty Co, operating as Enders Insurance, experienced a data breach when an employee's email account was compromised. The incident was discovered during an investigation that determined unauthorized access may have occurred to sensitive personal information including names, dates of birth, Social Security numbers, driver's licenses, passports, financial account details, payment card data, health insurance information, and medical treatment/diagnosis details. The company is notifying affected individuals out of an abundance of caution, though there is no evidence of misuse.
Description
Colonial Park Realty Co., operating as Enders Insurance, experienced a data security incident beginning in April 2020 when an unauthorized party compromised the email account of one of its employees. This initial compromise provided the attacker with access to the employee's corporate email communications. The company did not detect the intrusion immediately; instead, the breach was discovered later, on May 7, 2020. Upon this discovery, Enders initiated an internal investigation to understand the full scope and nature of the incident. The investigation aimed to identify precisely what information may have been accessed and to determine which individuals needed to be notified. This process involved a detailed review of the compromised email account's contents and the data potentially exposed through that access. The time between discovery and the eventual public notification spanned several months, indicating a complex and thorough forensic effort to ascertain the impact.

The investigation concluded that the potentially accessible information was highly sensitive and extensive, encompassing a wide range of personal and financial data. Specifically, the unauthorized access may have exposed individuals' full names, dates of birth, and Social Security numbers. Furthermore, government-issued identification numbers such as driver's license numbers and passport numbers were potentially subject to access. The breach also threatened financial privacy, with financial account information and payment card details being potentially compromised. Health-related data was also involved, including health insurance information and details concerning medical treatment and diagnoses. Despite this broad scope of exposed data types, Enders stated that its investigation found no evidence that any of the accessed information had been misused. Consequently, the company proceeded to notify affected individuals in February 2021, describing the notification as being done "in an abundance of caution." This notification was communicated through a press release and a statement posted on the company's own website, informing customers of the incident that had occurred nearly a year prior and outlining the categories of information that may have been involved.
