UPDATED 19:59 EDT / FEBRUARY 21 2022

SECURITY

Kitchenware maker Meyer hacked by Conti ransomware gang

Kitchenware maker Meyer Corp. U.S. has disclosed that employee data was stolen in a ransomware attack that targeted the company in October.

In a data breach notification filed with the Office of the Maine Attorney General, Meyer said the breach occurred on Oct. 25 but was not discovered until Dec. 1. The attack affected Meyer and its subsidiaries, including Hestan Commercial Corp., Hestan Smart Cooking, Hestan Vineyards and Blue Mountain Enterprises LLC.

According to a letter sent Feb. 18 to those affected, the attack involved a wide range of data stolen. It includes first and last name, address, date of birth, gender, race or ethnicity, Social Security number, health insurance information, medical information, driver’s license, passport or government-issued identification number, and Permanent Resident Card and information regarding immigration status.

Meyer did not report the form of ransomware used in the attack, but Bleeping Computer reported today that the infamous Conti ransomware gang has claimed responsibility. The gang posted on its dark web page on Nov. 7 that it hacked the company and offered a 246-megabyte file that is claimed to include 2% of the data stolen as proof of the attack. No further data has been published by the gang since then.

The Conti ransomware gang first emerged in 2020 and has been linked to a range of attacks. Previous victims include Ireland’s health serviceAdvantech Co. Ltd., voice-over-internet-protocol hardware and software maker Sangoma Technologies Corp. and hospitals in Florida and Texas. Its most recent attack targeted Tesla Inc. and Apple Inc. supplier Delta Electronics Inc. in January.

The U.S. Federal Bureau of Investigation issued a warning about the Conti ransomware gang in May, followed by a warning from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency in September.

“Ransomware groups such as Conti have been a thorn in the side of organizations from almost all industries and around the world,” Erich Kron, security awareness advocate at security awareness training company KnowBe4 Inc., told SiliconANGLE. ”

Kron said that the impact of the ransomware attack goes beyond the theft of data alone, explaining that an affected company must deal with the fact that the data was stolen in the first place. “In heavily regulated industries or localities with strong privacy laws, this can result in significant fines and other financial impacts,” he added.

Image: Meyer

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU