Amalgamated Sugar employee information compromised in data breach
Amalgamated Sugar says that some of its employees’ personal information was compromised recently after a data breach at the company.
Amalgamated says they became aware of the situation just hours after it happened February 22nd. It was discovered after a hacker posing as the Company’s CEO and mimicking his company email address sent a spear phishing email to a corporate employee requesting copies of employee personal information.
“We deeply regret this incident and want to extend our apologies and express our concern to everyone affected by this incident,” said Amalgamated’s President and CEO, John McCreedy. “We take the security of our employees’ personal information very seriously and we are examining our existing protocols and putting controls in place to prevent this from happening again. We also want other businesses to be aware of the urgent need to heighten cyber-attack prevention measures.”
After learning of the breach, Amalgamated immediately identified the source of the attack and worked with staff to control all communications. Within 24 hours, Amalgamated notified local law enforcement, the Idaho Attorney General’s Office and State Tax Commission, the FBI, and the IRS.
Amalgamated has notified employees of the incident by email and through workplace meetings. Letters are being sent to all impacted employees. Amalgamated has arranged to provide credit monitoring and identity theft protection services through Lifelock for employees, free of charge.
So far, there’s no evidence that any of the information has been used by hackers, but Amalgamated is encouraging employees to register with Lifelock and remain vigilant.
Amalgamated Sugar is headquartered in Boise and has production facilities in Nampa, Paul, and Twin Falls.