As was first communicated on November 24, 2020, Belden Inc. (NYSE: BDC) was the victim of a sophisticated cyber-attack that may have exposed the personal information of current and former employees and some of their spouses, dependents, and relatives, and limited company information regarding some business partners.
On the evening of November 12, 2020, Belden IT professionals detected unusual activity involving certain company servers. We immediately triggered our cybersecurity incident response plan, deployed teams of internal IT specialists, and engaged leading third-party cybersecurity forensic experts and other advisors to identify the scope of the incident and move quickly to mitigate the impact. Forensics experts determined that we were the target of a sophisticated attack by a party outside the company. In addition to containing personal information of some current and former employees, we subsequently learned that our servers also contained some health-related information of some current and former employees, as well as some personal and health-related information of some spouses, dependents, and relatives of some current and former employees.
The personal and health-related information involved in this incident may have included names, birthdates, government-issued identification numbers (for example, social security number), bank account information (for North American employees on Belden payroll), home addresses, email addresses, other general employment-related information (for Belden employees), gender, and benefits information, such as UMI (member) number, group number, coverage category, primary source of coverage, the effective date of that coverage, any additional sources of coverage, the effective date of additional coverages, their relationship to a Belden employee, and other benefits information. For individuals involved in a workers’ compensation claim associated with Belden, the personal and health-related information may have also included some information about their injury. For Belden personnel in insurance claims dispute discussions, the information about them may have included diagnosis and treatment information related to the claim. Otherwise, Belden personnel do not have access to individuals’ diagnosis and treatment information.
As we have previously stated, our investigation into this incident is ongoing. However, we are confident that we have stopped further unauthorized access of personal and health-related data on our servers. In addition to notifying law enforcement and regulatory authorities, we are continuously monitoring for any suspicious activity on our systems and have deployed additional resources to reinforce the security of our systems.
For individuals impacted by the incident for whom we had addresses, notification letters have been sent to the most recent addresses available for those impacted by the incident. The letters contain information about identity monitoring services Belden is making available to mitigate the potential impact of this incident.
If you did not receive a letter, but believe you may have been impacted by this incident, you may contact us at 1-833-971-3268, Monday through Friday from 8:00 a.m. to 5:30 p.m. Central Time or at email@example.com.
Belden Inc. delivers a comprehensive product portfolio designed to meet the mission-critical network infrastructure needs of industrial and enterprise markets. With innovative solutions targeted at reliable and secure transmission of rapidly growing amounts of data, audio and video needed for today’s applications, Belden is at the center of the global transformation to a connected world. Founded in 1902, the company is headquartered in St. Louis and has manufacturing capabilities in North and South America, Europe and Asia. For more information, visit us at www.belden.com or follow us on Twitter @BeldenInc.