Jewett-Cameron Trading, an Oregon-based producer of outdoor fence products, suffered a ransomware attack on October 15, where hackers breached its IT systems, encrypted corporate data, and installed monitoring software. The attackers exfiltrated images of video meetings, screenshots containing sensitive company information, and non-public financial documents including data prepared for the company’s upcoming SEC 10-K annual fiscal report. The threat actors demanded a ransom, threatening to publicly release the stolen data if unpaid. The incident caused operational disruptions, forcing the company to take critical business applications offline as a precaution. While no personal data of employees, customers, suppliers, or vendors was confirmed stolen, the attack materially impacted operations and is expected to affect Q1 2026 financial results. Law enforcement and cybersecurity experts were engaged, and the breach was contained, though system recovery remains ongoing. The company’s cyber insurance is expected to cover most recovery costs. The FBI had previously warned (2021) that ransomware gangs exploit financial reporting periods to extort companies by threatening to leak material nonpublic information, risking investor backlash and reputational damage.
Source: https://therecord.media/ransomware-gang-steals-meeting-video-fence-manufacturer
TPRM report: https://www.rankiteo.com/company/jewett-cameron
"id": "jew0892208102225",
"linkid": "jewett-cameron",
"type": "Ransomware",
"date": "6/2021",
"severity": "75",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': 'none reported',
'industry': ['manufacturing',
'wholesale distribution',
'lumber brokerage'],
'location': 'Oregon, USA',
'name': 'Jewett-Cameron Trading',
'type': 'public company'}],
'data_breach': {'data_encryption': True,
'data_exfiltration': True,
'personally_identifiable_information': 'none reported',
'sensitivity_of_data': 'high (non-public financial and '
'corporate information)',
'type_of_data_compromised': ['images of video meetings',
'computer screenshots',
'non-public financial documents',
'IT information',
'fiscal report preparation '
'data']},
'date_detected': '2023-10-15',
'date_publicly_disclosed': '2023-10-17',
'description': "A ransomware gang breached Jewett-Cameron Trading's IT "
'systems on October 15, encrypting parts of its internal '
'corporate systems and installing monitoring software. The '
'threat actors exfiltrated images of video meetings, '
'non-public financial documents, and IT information, including '
"data gathered for the company's annual fiscal report. The "
'company took affected systems offline as a precautionary '
'measure. The hackers demanded a ransom, threatening to '
'release the stolen data publicly if unpaid. The incident has '
'materially impacted operations and financial results for Q1 '
'2026. Law enforcement was notified, and cybersecurity experts '
'were hired to assist in recovery. The breach has been '
'contained, but systems are still being restored. No evidence '
'suggests personal data of employees, customers, suppliers, or '
'vendors was stolen, though the investigation is ongoing.',
'impact': {'brand_reputation_impact': 'potential investor backlash if data is '
'publicly released',
'data_compromised': ['images of video meetings',
'non-public financial documents',
'IT information',
'fiscal report preparation data'],
'downtime': 'ongoing (as of disclosure); portions of IT systems '
'and individual computers taken offline',
'identity_theft_risk': 'none reported (no evidence of personal '
'data theft)',
'operational_impact': 'material disruption to operations',
'payment_information_risk': 'none reported',
'revenue_loss': 'expected impact on financial results for Q1 2026',
'systems_affected': ['internal corporate systems',
'business applications supporting operations '
'and corporate functions']},
'initial_access_broker': {'high_value_targets': ['fiscal report preparation '
'data']},
'investigation_status': 'ongoing (source of breach identified and addressed; '
'no evidence of personal data theft)',
'motivation': 'financial gain (ransom demand)',
'ransomware': {'data_encryption': True,
'data_exfiltration': True,
'ransom_demanded': True},
'references': [{'date_accessed': '2023-10-17',
'source': 'SEC 8-K Filing by Jewett-Cameron Trading'},
{'source': 'FBI White Notice (2021) on Ransomware Targeting '
'Financial Events'}],
'regulatory_compliance': {'regulatory_notifications': ['SEC 8-K filing']},
'response': {'communication_strategy': ['SEC 8-K filing',
'no public comment beyond filing'],
'containment_measures': ['affected systems taken offline',
'source of breach identified and '
'addressed'],
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'recovery_measures': ['restoring impacted IT systems and '
'individual computers'],
'third_party_assistance': ['cybersecurity experts']},
'stakeholder_advisories': ['SEC filing warning investors'],
'title': 'Ransomware Attack on Jewett-Cameron Trading',
'type': ['ransomware', 'data breach', 'system disruption']}