MG Stover Reports Data Breach Due to Vendor Incident at Retool, Inc.

On September 29, 2023, MG Stover took the necessary step of notifying the Attorney General of Massachusetts about a data breach stemming from an incident involving Retool, one of its vendors. This breach resulted in unauthorized access to sensitive consumer information, including names, Social Security numbers, addresses, email addresses, phone numbers, and dates of birth.

Following the breach, Retool initiated an investigation and promptly began disseminating data breach notification letters to affected individuals. The incident, disclosed in detail on Retool’s blog and MG Stover’s report to the Attorney General, shed light on the chain of events leading to this breach.

Reportedly, on August 27, 2023, Retool encountered a phishing attack where hackers targeted multiple employees through deceptive text messages, posing as an HR administrator. One employee unknowingly interacted with a fraudulent link, providing the hacker access to login credentials after filling out a form within the fake URL. This breach allowed the attacker to compromise the employee’s login credentials.

Upon discovering this, Retool notified MG Stover about the incident on September 20, 2023. Subsequently, by September 22, 2023, MG Stover became aware that the hackers accessed confidential information entrusted to Retool.

In response, Retool meticulously reviewed compromised files to delineate the leaked information and identify affected consumers. The breached data may encompass names, Social Security numbers, addresses, email addresses, phone numbers, and dates of birth, varying based on individual records.

On September 29, 2023, Retool commenced the distribution of data breach notification letters to individuals impacted by the security incident, providing a comprehensive list of compromised information specific to each affected party.

Furthermore, other entities conducting business with MG Stover, such as Off the Chain LP, NextProtocol Capital, and North Island Ventures, also appear to have been affected by this breach through their association with Retool.

Founded in 2007 and headquartered in San Francisco, California, Retool, Inc. specializes in software engineering, offering a tool development platform facilitating custom business tool creation without requiring extensive programming knowledge. With a workforce exceeding 200 employees, the company generates an estimated annual revenue of approximately $42 million.

- Advertisment -ad

Most Popular