A major manufacturing company for live events has disclosed a data breach affecting the personal and financial information of its employees.
Tait Towers Manufacturing produces rigging, lighting and other equipment for concerts, theatrical performances and the like. It claims to have worked on many of the highest-grossing concert tours of all time.
The US-headquartered multinational waited nearly two months before last week disclosing an incident which was detected on April 6, but began on February 16. The firm said an unauthorized third party had accessed a server and some employee email accounts.
It has since reset server and email logins to remediate the incident and deployed multi-factor authentication and endpoint monitoring systems to improve safeguards for the future.
Among the compromised information are employee names, addresses, email addresses, dates of birth and Social Security numbers or financial account numbers.
Although the company said it has “no reason to believe that any of the information maintained in the server and email accounts was misused,” the data would be tactically useful for cyber-criminals in developing phishing campaigns and/or follow-on fraud.
Tait has urged clients, employees and vendors to monitor their financial accounts for any unusual activity while it completes its investigation into the incident. It is also offering the usual free credit monitoring to affected employees.
“Many data breaches like the Tait breach are caused by employees and executives opening attachments or clicking links in emails from an unidentified third-party sender,” argued Chris Hauk, consumer privacy champion at Pixel Privacy.
“Educating employees about the risks of indiscriminate link clicking has never been more important than it is in today's always-connected world.”