Belden is looking into data incident involving unauthorized access, compromised data

Belden, the owners of Tripwire, said Tuesday that the company is looking into a data incident involving unauthorized access and copying of some current and former employee data. It also added that limited company information regarding certain business partners was compromised, but did not specify when the attack took place, the number of users affected by the intrusion, or the cause of the attack.

The St. Louis, Missouri-based company has begun notifying individuals who may have been affected by the data incident, and is providing them with free monitoring and support services. Belden is also proactively contacting business partners that have been impacted.

Forensics experts have determined that Belden was the target of a sophisticated attack by an external party that gained access to a limited number of company file servers, according to Belden. The issue has, however, not affected production from Belden’s manufacturing plants, quality control or shipping, which are currently operating normally.

In a subsequent statement issued Wednesday to some news sites, Belden confirmed that personal information accessed and stolen may have contained data such as names, birthdates, government-issued identification numbers like social security and national insurance, bank account information of North American employees on Belden’s payroll, home addresses, email addresses and other general employment-related information. Limited company information accessed and stolen related to some of the business partners including bank account data and, for U.S. partners, their taxpayer ID numbers, according to Belden.

“We are notifying all affected employees and business partners and are taking steps to provide individuals with free monitoring and support services, where available. We have also notified appropriate regulatory and law enforcement authorities who are assisting with the investigation. We sincerely regret any inconvenience this situation may cause all impacted individuals,” the statement added.

Belden IT professionals recently detected unusual activity involving certain company servers. The company immediately activated its cybersecurity incident response plan, deployed teams of internal IT specialists, and engaged third-party cybersecurity forensic experts and other advisors to identify and mitigate the impact of this incident.

“Safety is always paramount at Belden and we take threats to the privacy of personal and company information very seriously,” said Roel Vestjens, president and chief executive officer, in a press statement. “We regret any complications or inconvenience this incident may have caused and are offering assistance to those individuals who may have been impacted.”

As the investigation continues, Belden believes that it has stopped further unauthorized access to personal and business partner data on its servers. It is also currently working with regulatory and law enforcement officials to investigate the matter. Outside legal counsel has also been engaged to help the company notify appropriate global regulatory authorities.

Anna Ribeiro

Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.