Cyber Incident Victim: State Industrial Products

The FBI alerted Ohio-based State Industrial Products on January 23, 2014, that an unauthorized party had gained access to personal information belonging to current and former employees. The compromised data included names, addresses, email addresses, Social Security numbers, driver's license numbers, genders, dates of birth, phone numbers, employee IDs, and dates of hire. While the exact number of affected individuals remained undisclosed, the company's LinkedIn profile indicated it employed between 501 and 1,000 people at the time. The FBI provided State Industrial Products with a specific list of impacted employees and details about the stolen information during its notification. CEO Seth Uhrman confirmed in a letter to victims that his own personal data had also been compromised in the breach. Evidence suggested the stolen information was being used to file fraudulent tax returns, prompting collaboration between the company, FBI, and IRS to prevent further misuse.

State Industrial Products initiated its response immediately upon receiving the FBI's alert on January 23. The company retained a computer security firm to investigate the breach and formally notified all employees identified on the FBI's compromised list by January 27, 2014. Affected individuals were offered one year of complimentary identity theft protection services. The company maintained that disclosing additional details about the intrusion or investigation would be premature due to the ongoing law enforcement involvement. No information was released regarding the duration of unauthorized access, specific attack vectors, or whether customer data was affected. The breach exclusively impacted employee records, with tax fraud emerging as the primary confirmed misuse of stolen data at the time of reporting.