Clark Material Handling Company, a privately held manufacturing company headquartered in Lexington, Kentucky, recently reported a data breach to the Attorney General of New Hampshire, revealing potential access to sensitive personal identifiable information (PII) within its systems. The breach was first discovered on March 3, 2024, when CLARK detected suspicious activity in its network environment. In response, the company promptly launched an investigation to ascertain the nature of the incident and the extent of the potential data compromise.
Through its investigation, CLARK identified that the breach resulted from a compromise of its third-party web developer, which allowed an unauthorized third party to gain access to CLARK’s environment through the developer’s account. The unauthorized access was found to have occurred between February 14, 2024, and March 3, 2024, during which sensitive information may have been accessed and copied by the unauthorized actor. CLARK subsequently undertook a comprehensive review of the data to assess what specific information had been impacted and to identify the individuals affected by the breach.
The review, which was completed on July 9, 2024, indicated that various types of sensitive information could have been exposed during the breach. This included names, Social Security numbers, passport numbers, driver’s license numbers, financial account numbers, payment card information, as well as medical and insurance information. To inform the affected individuals of the breach and the types of information that may have been compromised, CLARK mailed data breach notification letters on August 22, 2024, offering complimentary credit monitoring services as a precautionary measure.
Founded in 1903, CLARK is recognized as one of the top manufacturers of forklifts and spare parts, operating over 250 service locations across the US, Canada, and Mexico. The company has built a robust reputation over its long history, producing more than one million forklifts and employing over 1,500 individuals. As CLARK navigates this data breach, it remains committed to enhancing its data security protocols to protect sensitive information and maintain trust among its customers and stakeholders in an increasingly digital environment.
Reference:
