On December 20, 2024, Cornwell Quality Tools (“Cornwell”) became aware of suspicious activity on its computer system, indicating a data breach. Based on a subsequent forensic investigation, Cornwell determined that cybercriminals infiltrated this inadequately secured network and gained access to its files on or around December 12, 2024. The investigation further determined that, through this infiltration, cybercriminals accessed and/or acquired files containing the sensitive personal information of 103,782 individuals.
The cybercriminal gang Cactus listed Cornwell as a victim on its dark website in February, claiming to have stolen 4.6 terabytes of Cornwell’s data.
The information exposed in the data breach includes, but is not limited to:
- Names
- Social Security numbers
- Financial account information
- Medical information
As a result of the Cornwell data breach, these individuals’ personal and highly confidential information may be in the hands of cybercriminals who can place the information for sale on the dark web or use the information to perpetrate identity fraud.
Murphy Law Firm is investigating claims on behalf of all individuals whose personal and confidential information was potentially compromised in the data breach. We are evaluating legal options, including a potential class action lawsuit, to recover damages for individuals who were affected by the Cornwell Quality Tools data breach.