Cookware giant Meyer has revealed a data breach that impacted an undisclosed number of employees.
The firm, which is the largest distributor of cookware in the US, revealed the incident in a notification letter to employees posted to the website of the California attorney general’s office.
It notes that the attack happened at the end of October 2021, but it wasn’t until December 1 that an investigation revealed employee data might have been taken.
The impact on victims could be severe, depending on what was taken, although the firm still doesn’t conclusively know which employees were affected.
“The types of personal information that may have been accessed during this incident will depend on the types of information you have provided to your employer, but may include: first and last name; address; date of birth; gender; race/ethnicity; Social Security number; health insurance information; medical condition(s) and diagnoses; random drug screening results; COVID vaccination cards and status; driver’s license, passport, or government-issued identification number; permanent resident card and information regarding immigration status; and information regarding your dependents (including Social Security numbers), if applicable that you may have provided to the company in the course of your employment,” the notice claimed.
“Again, at this time, we have no evidence that your specific information was actually accessed or impacted.”
Meyer, which is owned by a Hong Kong-based parent company, is offering employees identity protection services for two years.
“We have also taken steps to further enhance our security controls, and we continue to investigate and evaluate this matter to prevent a similar occurrence in the future,” it concluded.
Identical letters were also addressed to employees of other Meyer companies, including Hestan Commercial Corporation, Hestan Smart Cooking, Hestan Vineyards and Blue Mountain Enterprises.