[BreachExchange] Amalgamated Sugar suffers cyber security breach; 2,858 workers' personal info stolen

[Audrey McNeil]

http://www.kivitv.com/news/amalgamated-sugar-suffers-
cyber-security-breach-workers-personal-info-stolen-in-phishing-attack

Management officials of The Amalgamated Sugar Company, LLC distributed
letters to its employees Thursday, notifying them that the company suffered
“a data breach that has resulted in the disclosure of employee personal
information to an unauthorized personal outside of the business.”

The company is headquartered in Boise, has factories in Nampa and the
Mini-Cassia area, a research facility in Twin Falls, a warehouse in Nyssa,
Oregon, and a marketing office in Savannah, Georgia. It is the nation’s
second largest company manufacturing sugar from sugar beets, according to
its website.

“2,858 employees are affected by this breach,” said company spokesperson
Emily Baker. “This includes all current employees at all of our facilities,
as well as any employee who worked for the company is 2016. Anyone who was
hired by the company this year (2017) is not impacted.”

The letter, obtained by Idaho On Your Side, explained, “The breach was
triggered through an e-mail scam known as a spear-fishing attack. Someone
posing as our CEO and mimicking his company e-mail address sent an e-mail
to a corporate office employee requesting copies of our employees’ W-2s.
Believing that this request was legitimate, a member of our staff replied
to the forged e-mail with copies of all 2016 W-2s for all Amalgamated, ARi
and NSM employees.” ARi is the research facility in Twin Falls, NSM is the
National Sugar Marketing Group, based in Savannah.

In the letter to employees, Scott Blickenstaff, General Counsel for the
Snake River Sugar Company/The Amalgamated Sugar Company, LLC., stated
officials are in the process of investigating the incident, and is working
with law enforcement to determine the scope of the breach. “We take privacy
and security of our employees’ information seriously and, as part of our
response, we are purchasing (a) credit minoring service … for all affected
employees, and compiling information on other ways to protect personal
information.”

Blickenstaff said the company will be communicating more information to its
employees within the next several days.

He instructed employees to place a fraud alert on their credit files and
notify credit bureaus, so creditors will contact them before opening any
new accounts or changing their existing accounts. He also recommended
employees check their credit reports periodically, looking for any
suspicious activity. “Thieves may hold stolen information to use at
different times,” he stated.

Blickenstaff also told employees to report any suspicious credit activity
to law enforcement agencies, their banks, credit card providers or other
financial institutions.

“We greatly regret this breach has occurred,” he stated.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170227/4bad7f95/attachment.html>