By Gregory Hale
Amesbury, Massachusetts-based The Phillips Screw Company suffered a “sophisticated” cyberattack that disrupted its day-to-day operations.

The breach occurred December 11 last year, but ended up discovered by the company May 10.

“The Phillips Screw Company detected a sophisticated cybersecurity incident that impacted our network on December 18, 2023,” the company said in a filing. “Due to this incident, we experienced limited disruption to our day-to-day operations and worked as quickly as possible to remediate and resume full business functionality. In doing so, we took immediate steps to mitigate the threat, including taking certain systems offline.”

The company said the threat actor was able to gain access and stayed on the system from Dec. 11 through Dec. 18.

Schneider Bold

“Following the detection of the incident, we quickly engaged professionals experienced in handling these types of incidents to assist us with an investigation and to assess the full scope of the incident and the information impacted,” the company said. “The investigation revealed that the unauthorized party gained access to our systems between December 11, 2023 through December 18, 2023.

“After an extensive forensic investigation and manual document review, we discovered on May 10, 2024 that the unauthorized party accessed and potentially acquired files from our system that contained your personal information, such as your name and social security number.”

The company has no evidence any of the information ended up been misused.

The Phillips Screw Company designs and engineers proprietary fastener technology, including high-performance drive systems for fastening applications in aerospace, automotive, DIY and trade, electronics, industrial, marine, military and header tools and gauging markets.

No further information was available on the cyberattack.

ISSSource

Pin It on Pinterest

Share This