Akron-based Famous Enterprises, Inc. said on Friday that it recently began mailing letters to individuals whose information may have been compromised in a data security incident.
Famous, which is a manufacturer and distributor of HVAC, plumbing, industrial and building products, said its computer systems were infected with malware on March 25 that encrypted data on those machines.
Malware is software that’s intentionally designed to cause damage to a computer, server, client, or computer network. Malware attacks increased in number last year as cybercriminals targeted remote workers who didn’t have the same security measures in place as they normally did at their office locations.
Famous said it quickly identified and contained the malware, restored the systems to operation and launched an investigation with the assistance of a cybersecurity firm. On March 30, the investigation found that some data stored in Famous’ network was accessed by an unauthorized party.
Famous reviewed the information contained in the sources of the accessed data, and on July 19 determined that the potentially accessed data included the names, Social Security numbers, financial account information, medical information and/or health insurance information of some associates, their dependents and beneficiaries.
Famous said it had no indication that any individuals’ information was actually viewed. The company started mailing letters on Thursday (Sept. 16) to those customers whose information was found in Famous’ database. In order to help remedy the breach, Famous is offering eligible individuals complimentary credit monitoring and identity protection services.
Famous also cautioned its customers to remain vigilant by reviewing their account statements and credit reports for any unauthorized activity. Famous also recommends individuals review any statements from health insurers or healthcare providers.
Famous said it has taken steps to help prevent a similar attack from occurring in the future, including updating user passwords and implementing additional security safeguards and controls in its network infrastructure.