Multinational corporation Meyer has admitted to a breach in its cybersecurity that left thousands of its employees exposed to malicious hackers.
The cookware distributor – the largest of its kind in the US – disclosed the vulnerability to the Attorney General after launching an internal investigation that concluded in December.
The inquiry found that threat actors breached Meyer’s cybersecurity on October 25, gaining access to personal details of workers that included full names, addresses, age, gender, ethnicity, passports, and government ID numbers.
Another investigation by cybersecurity experts at Bleeping Computer found evidence suggesting the Russia-based Conti ransomware group – behind the Log4J Shell attacks last year – was behind the data raid on Meyer. This was an entry on Conti’s portal touting a ZIP file containing 2% of the information stolen from the multinational.
At the time of writing, the ransomware gang has not yet made the rest of the pilfered data available, suggesting that it could be holding out for the highest bidder.
Meyer insisted that it “takes the data of its employees seriously” and has offered two years of identity theft protection to affected workers at no cost.
More from Cybernews:
Subscribe to our newsletter