Cyber Incident Victim: Multi-Color Corporation
Date:
May 2016
Location:
United States of America
Summary
A cybersecurity incident involving Multi-Color Corporation occurred when unauthorized individuals breached a third-party law firm's office, stealing physical items including a hard drive containing sensitive employee data and its access password. The compromised information included names, Social Security numbers, addresses, dependent details, and HR records for all U.S. employees at the time, as well as certain former employees, applicants, and individuals affiliated with a predecessor company. The organization initiated an investigation with law enforcement, private investigators, and external monitoring services, while expressing a reasonable possibility of recovering the stolen hardware to assess potential unauthorized data access.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On May 14 or 15, 2016, an unauthorized individual broke into the offices of an unnamed East Coast law firm representing Multi-Color Corporation, a label solutions company. The intruder stole multiple items during the physical breach, including a hard drive containing sensitive employee data belonging to Multi-Color. The stolen hard drive stored comprehensive Human Resource records covering all active U.S.-based Multi-Color employees as of April 13, 2016, with compromised information including full names, Social Security numbers, addresses, and certain dependent details. Data pertaining to former employees, applicants, and personnel from a predecessor company was also affected. Crucially, the thief obtained the password required to access the encrypted hard drive alongside the device itself. Multi-Color first learned of the incident on May 16 when the law firm notified them about the burglary and data compromise. The breach originated entirely through the third-party law firm's physical security failure rather than a direct cyber intrusion into Multi-Color's systems.
Multi-Color Corporation initiated a coordinated response involving the affected law firm, Baltimore police departments, private investigators, and unspecified authorities to investigate the burglary and potential data misuse. The company retained an external monitoring firm to scan internet channels for any traces of the stolen information appearing online. In a June 15, 2016 Notice of Security Incident, Multi-Color Vice President of Global Human Resources Lesha Spahr publicly acknowledged the breach and apologized to affected individuals, while emphasizing efforts to physically recover the stolen hard drive. The company stated there was a reasonable possibility of retrieving the device to determine whether attackers had accessed the sensitive files. Multi-Color did not confirm any actual misuse of personal data but treated the incident as a significant exposure risk given the comprehensive nature of the stolen HR records. No details regarding protective services for victims or regulatory filings were disclosed in the public notice.