Label printing giant Multi-Color Corporation (MCC) has started informing employees that their personal information might have been compromised in a recent cyberattack.
A global supplier of premium label solutions, MCC operates roughly 100 label producing operations and has approximately 10,000 employees. MCC provides label solutions to organizations in the automotive, beverage, chemicals, food, healthcare, technical, and other industries.
In a data breach notice last week, MCC announced that, on September 29, 2022, it discovered unauthorized access to its network.
An investigation launched into the incident has revealed that sensitive HR data might have been compromised, including “personnel files and information on enrollment in our benefits programs”.
MCC says that it is collecting and retaining “personal information to administer our health and wellness program, facilitate payroll, and complete other routine business functions.” Both current and former MCC employees are impacted.
In addition to employees’ personal information, the data breach might have also impacted the information of a limited number of employee spouses, partners, and/or dependents who are enrolled in the benefits programs.
The company says the incident does not impact its customers and suppliers, as it does not collect or retain their personal information.
MCC has not provided details on the type of cyberattack it fell victim to, but it appears that the company might have been in contact with the attackers, likely paying a ransom to ensure that any stolen data has been destroyed.
“However, based on the measures that we have implemented and the actions we have taken, there is no indication that any personal information subject to this cybersecurity incident has been misused or will be misused in the future,” the company said.