In late May 2024, Melville Candy Company discovered suspicious activity on its network. The company immediately disconnected its systems to limit any damage and started an investigation with the help of independent forensic experts. It was soon confirmed that an unauthorized individual had accessed Melville’s systems for a limited time.
By June 12, 2024, Melville determined that certain HR files containing personal information may have been accessed during the incident. The company took this seriously and focused on identifying the scope of the breach. The files in question could have contained sensitive employee information.
Two New Hampshire residents were impacted by the breach. These individuals were formally notified of the potential exposure of their personal data in a letter sent by Melville on July 18, 2024. The company provided the necessary details and steps that were being taken to address the situation.
In response to the incident, Melville strengthened its security measures. The company reset passwords for user accounts and enhanced endpoint monitoring. Affected individuals were also offered credit monitoring and identity protection services through Experian to help guard against any future risks.
Reference: