Cyber Incident Victim: Coleman Group of Companies

The Coleman Group of Companies experienced a cyberattack targeting its systems during the weekend of February 20, 2021. The company's IT team detected the intrusion while it was actively occurring and successfully halted the attack before it could fully compromise their network. Initial investigations revealed that unauthorized actors potentially accessed human resources and payroll files containing sensitive employee information. These files stored comprehensive personal and financial details of both current and former employees, including full names, residential addresses, social insurance numbers, and direct banking information. The breach window was limited due to the prompt containment measures implemented upon discovery. Greg Gill, Vice-President of Marketing, publicly confirmed the incident and emphasized the company's rapid response in neutralizing the threat during its active phase. No specific details were provided regarding the attack vector or the identity of the threat actors behind the intrusion.

The compromised employee records exposed individuals to potential identity theft and financial fraud risks due to the highly sensitive nature of the accessed data. Coleman Group initiated internal forensic reviews to determine the precise scope of data exposure and whether information was exfiltrated from their systems. While the company confirmed the breach of HR and payroll repositories, they did not disclose the total number of affected individuals or specific operational impacts beyond the data security implications. The organization began notifying current and former employees about the potential compromise of their personal information as a precautionary measure. No evidence of data misuse was reported at the time of disclosure, though the company acknowledged the possibility that attackers obtained access to the sensitive files during the limited breach period.