Cornwell Quality Tools has confirmed a major ransomware attack by the Cactus group, exposing the personal and medical information of over 100,000 individuals. The breach, which occurred in December 2024, highlights the persistent threat of ransomware to the manufacturing sector.
Streaming media giant Plex has confirmed a significant data breach, exposing user emails, usernames, and hashed passwords. The company is urging all users to reset their passwords immediately and enable two-factor authentication to secure their accounts.
Cybersecurity firm Tenable has confirmed it was a victim of a major supply chain attack that compromised customer data. The breach originated from a third-party vendor, Salesloft Drift, and has impacted more than 700 organisations.
Cornwell Quality Tools has confirmed a major ransomware attack by the Cactus group, exposing the personal and medical information of over 100,000 individuals. The breach, which occurred in December 2024, highlights the persistent threat of ransomware to the manufacturing sector.
Cyber News Centre's cyber update for 12th September 2025: Cornwell Quality Tools has disclosed a major ransomware attack that compromised the personal and medical information of over 100,000 individuals.
Cornwell Quality Tools is a 106-year-old American manufacturer of automotive and heavy-duty tools, based in Ohio. The company sells its products through a network of franchised dealers across the United States.
The Update: Cornwell Quality Tools has confirmed a significant data breach affecting 103,782 individuals, following a ransomware attack in December 2024. The intrusion, later claimed by the Cactus ransomware group, compromised names, Social Security numbers, medical information, and financial account details. Cactus claimed responsibility in February 2025, boasting it had stolen 4.6 terabytes of data, and published sample documents online as proof, including driver’s licence scans, tax records, and credit applications.
Cornwell became aware of unusual activity on 20 December 2024 and quickly engaged cybersecurity experts. Its investigation found that attackers had accessed the network around 12 December 2024. Despite this early detection, there was no public notice from Cornwell until nearly nine months later. After months of reviewing affected files and updating contact details, the company began notifying victims on 4 September 2025. The Maine Attorney General’s Office confirmed the incident impacts 103,782 people.
Why it Matters: The Cornwell Quality Tools breach underscores the persistent and severe threat ransomware poses to the manufacturing sector, which remains the most targeted industry globally. According to the Dragos Industrial Ransomware Analysis, manufacturing made up 65% of all industrial ransomware incidents worldwide, with 428 cases recorded between April and June 2025. The theft of medical and financial records from a toolmaker illustrates how attackers exploit any organisation that processes sensitive data, not only those in healthcare or finance.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Streaming media giant Plex has confirmed a significant data breach, exposing user emails, usernames, and hashed passwords. The company is urging all users to reset their passwords immediately and enable two-factor authentication to secure their accounts.
Cybersecurity firm Tenable has confirmed it was a victim of a major supply chain attack that compromised customer data. The breach originated from a third-party vendor, Salesloft Drift, and has impacted more than 700 organisations.
Western Sydney University reveals a staggering $53 million cost to manage a series of cyber attacks allegedly carried out by a former student. The breach exposed the data of 10,000 students, including passports, visas, and financial details, prompting a major response and police action.
Canadian fintech firm Wealthsimple has disclosed a data breach affecting 30,000 clients after a third-party vendor was compromised. The incident exposed sensitive personal information, including Social Insurance Numbers, prompting an immediate response and enhanced security measures.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
