Meyer Corporation, the largest cookware distributor in the United States and the world’s second-largest, has notified the US Attorney General office of a data breach that affects thousands of its personnel. According to the notice letter provided with California and Maine’s US Attorney General offices, Meyer was the target of a cyberattack on October 25, 2021.
As a result, Meyer and its subsidiaries initiated an investigation, which was completed on December 1, 2021. They revealed that threat actors had gotten access to personal information belonging to Meyer and its subsidiaries’ personnel.
“On or around December 1, 2021, our investigation identified potential unauthorized access to Meyer employee information [including employees of Meyer’s subsidiaries Hestan Commercial Corporation, Hestan Smart Cooking, Hestan Vineyards, and Blue Mountain Enterprises, LLC],” clarifies the Meyer data breach notice.
The data breach letter emailed to impacted workers says that Meyer is committed to safeguarding the personal information of its workers. It’ll offer two years of free identity protection services to affected employees and their dependents. While Meyer’s declaration doesn’t detail the intrusion that led to the data leak, a pertinent listing on the Conti extortion site that dates from November 7, 2021, was discovered.
On Conti’s page, Meyer has a ZIP file that contains 2% of the data allegedly seized by the ransomware group during the incident. However, in the months afterward, the renowned ransomware organization has failed to reveal the remaining 98 percent, indicating either a readiness to bargain forever or a loss of interest.
In any event, since that Meyer has made the issue public and offered identity protection services to those who have been harmed, there can be no conclusion that favors the malicious actors.