Cyber Incident Victim: Matco Tools Corporation

On or around March 1, 2022, an unauthorized party gained access to Matco Tools Corporation's computer network, triggering a cybersecurity incident. The company responded by disconnecting affected systems and disabling accounts linked to suspicious activity. Matco launched an investigation that confirmed the unauthorized access and identified compromised files containing sensitive consumer information. The investigation, concluded later in 2022, determined that the breach exposed names and Social Security numbers of individuals whose data was in Matco's possession. While the specific intrusion methods weren't disclosed, the company's forensic review revealed the attacker accessed confidential records during the network intrusion period.

The breach impacted 14,342 individuals according to Matco's January 26, 2023 filing with the Maine Attorney General. Notification letters were dispatched on that date detailing the compromised data types per individual. No evidence suggested immediate fraudulent activity stemming from the breach at notification time, though the 10-month delay between intrusion discovery and consumer alerts created potential identity theft risks. Matco Tools, a Stow, Ohio-based hardware retailer and Vontier Corporation subsidiary, confirmed the incident didn't disrupt its operations or tool manufacturing/services. The company's response focused on securing systems, investigating data exposure scope, and fulfilling regulatory notification obligations under Maine's breach disclosure laws.