Cyber Incident Victim: Headlam Group

On November 24, 2020, floor coverings distributor Headlam Group publicly disclosed a cybersecurity incident involving unauthorized access to portions of its computer systems. The breach resulted in confirmed access to an unspecified volume of company data. Headlam identified impacts on certain back-office operational systems during the incident, though the disclosure did not enumerate specific applications beyond confirming compromise of the corporate email environment. The company restored email system functionality prior to its public notification, indicating containment efforts occurred before the disclosure date. No technical details regarding intrusion methods, attacker origins, or duration of unauthorized access prior to detection were disclosed. Headlam’s statement did not specify whether customer, employee, or business partner data categories were accessed or exfiltrated during the incident.

The company’s disclosure provided limited information regarding operational consequences beyond the temporary email system disruption. Headlam did not report service interruptions to customer-facing operations or supply chain functions. No ransomware deployment, system encryption, or financial extortion attempts were referenced in the public statement. The restoration of email services prior to disclosure suggests incident responders contained the breach’s operational impacts within back-office systems. Headlam did not quantify affected individuals or entities, disclose regulatory notifications, or describe data remediation measures such as credential resets. The public announcement contained no reference to forensic investigation findings, third-party cybersecurity firm involvement, or planned security enhancements following the breach.