O'Neal Industries discloses data breach affecting its former employees
An Alabama-based holding company specializing in the metals service industry said an attacker accessed its network using a "highly sophisticated type of malware that evaded virus detection".
The malicious actor breached the company's systems in November 2022. O'Neal Industries said none of the platforms or companies administering employee benefits were impacted.
However, according to the breach notification filed with the California Attorney General's office, one of the breached systems contained HR files that "store social security numbers and other personal information we maintain on file for our former employees and, in some cases, their beneficiaries or dependents."
Founded in 1921, the company is considered one of America's biggest private companies, according to Forbes. Its revenue was $2.8 billion in 2022. The company and all its subsidiaries employ approximately 3,000 people.
"We have hired external cybersecurity experts to investigate what happened, to strengthen our computer network, and to monitor the "dark web" for any references to information involved in this incident. These efforts are all ongoing," the company said.
More from Cybernews:
Year of the rising DDoS: how digital zombie attacks have evolved since the 1970s
Netflix wants you to use your iPhone as a gaming controller, code suggests
TikTok fined $16m for 'misusing children's data' in the UK
Virtual command center takes top prize at NIST emergency response tech contest
Subscribe to our newsletter
Your email address will not be published. Required fields are marked