Cyber Incident Victim: USNR LLC

On September 28, 2020, USNR LLC, a Woodland, Washington-based manufacturing firm described as the world’s largest supplier of equipment for the wood processing industry, experienced a ransomware attack. The company first detected the intrusion nearly a month later, on October 25, indicating a prolonged period of undetected network access by the attackers. An investigation determined that the attackers encrypted files and potentially accessed sensitive personal information belonging to 3,950 current and former employees. The compromised data included names, addresses, dates of birth, Social Security numbers, and bank account information. Additionally, beneficiary information associated with employees—including beneficiaries’ names, addresses, dates of birth, and Social Security numbers—was exposed.

In response, USNR initiated a comprehensive rebuild of its internal network and infrastructure to mitigate further risks. The company stated it had no evidence of actual misuse of the stolen data but proactively offered credit monitoring and identity protection services through Equifax to affected individuals. Notification letters detailing the incident and the offered services were scheduled for distribution on December 7, 2020, over two months after the initial attack detection. The incident disrupted operations due to the encryption of files and necessitated significant remediation efforts to restore systems and secure compromised data. No information was disclosed regarding ransom demands, payment, or the specific ransomware variant involved.