Griffon Corporation, a holding company based in New York City, experienced a data breach that compromised sensitive personal information. The breach was discovered on September 30, 2024, when Griffon reported unauthorized access to its computer network to the Attorney General of Vermont. The company explained that this incident allowed an unauthorized party to gain access to certain files and folders containing sensitive data belonging to individuals. The compromised information included names, addresses, dates of birth, Social Security numbers, driver’s license numbers, passport numbers, account numbers, and health insurance details.
The breach occurred between June 15, 2024, and July 21, 2024, and was detected following the company’s internal monitoring. Once Griffon became aware of the unauthorized access, they secured the affected network and launched a detailed investigation to assess the full scope of the breach. The investigation revealed that certain confidential information had been exposed to unauthorized individuals. Griffon then conducted a thorough review of the compromised data to determine the specific individuals impacted and the exact nature of the information accessed.
Following the investigation, Griffon Corporation took immediate steps to inform those affected by the breach. On September 30, 2024, the company sent data breach notification letters to the individuals whose information had been compromised. These letters outlined the specific types of sensitive data that had been accessed and provided guidance on how individuals could protect themselves from further potential risks. Griffon has also taken steps to secure its network and enhance its internal cybersecurity measures to prevent future incidents of this nature.
Griffon Corporation, with over 5,700 employees and approximately $2.6 billion in annual revenue, operates through two major segments: home and building products, and consumer and professional products. The company’s home and building products division includes Clopay Corporation, the largest manufacturer of garage doors and rolling steel doors in North America, while its consumer and professional products division consists of The AMES Companies, which manufactures tools for home storage, landscaping, and outdoor enhancements. Griffon’s data breach highlights the risks businesses face in safeguarding sensitive customer information and underscores the importance of proactive security measures.
Reference:
