Briggs and Stratton, a maker of gasoline engines for outdoor power equipment, were breached and client information was stolen.
NATURE OF THE BREACH
Briggs and Stratton experienced a malware attack(software that is intended to damage or disable computers and computer systems) on Briggs’ computer systems at its Milwaukee, Wisconsin and Munnsville, New York locations that potentially compromised information from approximately July 25, 2017, to July 28, 2017. Briggs became aware of this incident on July 25, 2017, and took extreme steps to both contain and thoroughly investigate the attack. Although Briggs has no evidence of misuse of the stolen information, they notified individuals out of an abundance of caution. The malware, by its nature, could have allowed a third party to access, use, and disclose individuals’ account-related, human resources, and health plan information as listed on the sample copy of the notice enclosed, the public letter says.
After discovering this incident, Briggs notified the Federal Bureau of Investigation, the Department of Homeland Security, and the Wisconsin Department of Justice. Due to the ongoing investigation, law enforcement requested that Briggs delay notifying individuals of the incident until September 30, 2017. Briggs complied with that request and mailed notifications to potentially affected individuals on September 29, 2017. The following is a sample copy of the notice that is being provided to the individuals potentially affected.
STEPS THEY ARE TAKING RELATED TO THE INCIDENT
Briggs hired forensic consultants to eradicate the malware, determine if any information was compromised, and help Briggs prevent an incident like this from happening in the future. Briggs also provided potentially affected individuals with three bureau credit monitoring and identity theft protection through Experian IdentityWorks at no cost to the individual for one year.
WHAT INFORMATION WAS INVOLVED?
The information that could have been stolen includes names, addresses, Social Security numbers, date of birth, driver’s license numbers, health plan IDs, medical and health insurance information, passport numbers, work-related evaluations, and account log-in information used to access Briggs & Stratton computers systems at the Wisconsin and New York locations.