Cyber Incident Victim: Great Plains Manufacturing

The Great Plains Manufacturing cyberattack was discovered on October 11, 2021, when unauthorized access to company systems was identified. Forensic investigations determined threat actors initially infiltrated the network on September 28, 2021, maintaining continuous access until detection nearly two weeks later. Upon discovery, the organization ejected the attackers and initiated containment procedures. A subsequent review of the compromised file server, completed by November 1, 2021, confirmed unauthorized access to sensitive employee data. The breach exclusively impacted 4,110 current and former employees along with their dependents enrolled in the Great Plains Manufacturing, Inc. Employee’s Beneficiary Association Trust health plan. Exfiltrated records contained personally identifiable information including full names, dates of birth, Social Security numbers, health insurance identification details, and specific health plan enrollment selections. No evidence suggested broader system compromise beyond the targeted file server housing these personnel records.

Great Plains Manufacturing formally notified all affected individuals via mailed correspondence on December 1, 2021, detailing the 14-day exposure period and specific data elements involved. The company confirmed the breach scope remained limited to health plan participants without spillover to operational manufacturing systems or customer data repositories. As remediation, the organization provided complimentary 12-month identity theft monitoring services to all impacted persons through a third-party provider. Internal cybersecurity enhancements were implemented following forensic analysis, though specific technical controls were not publicly disclosed. The incident triggered mandatory reporting obligations under health privacy regulations due to the compromised protected health information of workforce members and their beneficiaries.