Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Label Giant Multi-Color Corporation Discloses Data Breach

Label printing giant Multi-Color Corporation (MCC) has started informing employees that their personal information might have been compromised in a recent cyberattack.

Label printing giant Multi-Color Corporation (MCC) has started informing employees that their personal information might have been compromised in a recent cyberattack.

A global supplier of premium label solutions, MCC operates roughly 100 label producing operations and has approximately 10,000 employees. MCC provides label solutions to organizations in the automotive, beverage, chemicals, food, healthcare, technical, and other industries.

In a data breach notice last week, MCC announced that, on September 29, 2022, it discovered unauthorized access to its network.

An investigation launched into the incident has revealed that sensitive HR data might have been compromised, including “personnel files and information on enrollment in our benefits programs”.

MCC says that it is collecting and retaining “personal information to administer our health and wellness program, facilitate payroll, and complete other routine business functions.” Both current and former MCC employees are impacted.

In addition to employees’ personal information, the data breach might have also impacted the information of a limited number of employee spouses, partners, and/or dependents who are enrolled in the benefits programs.

The company says the incident does not impact its customers and suppliers, as it does not collect or retain their personal information.

MCC has not provided details on the type of cyberattack it fell victim to, but it appears that the company might have been in contact with the attackers, likely paying a ransom to ensure that any stolen data has been destroyed.

“However, based on the measures that we have implemented and the actions we have taken, there is no indication that any personal information subject to this cybersecurity incident has been misused or will be misused in the future,” the company said.

Related: Data Breach at Australian Health Insurer Impacts 4 Million Customers; Could Cost $35M

Related: Cyberattack Causes Disruptions at Wholesale Giant Metro

Related: Microsoft Confirms Data Breach, But Claims Numbers Are Exaggerated

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.