American tool manufacturer Cornwell Quality Tools has reported a significant data breach affecting over 100,000 individuals. The company, headquartered in Ohio, discovered unusual activity within its network on December 20, 2024, and a subsequent investigation revealed that hackers accessed its systems as early as December 13, 2024.
Affected individuals received notification letters detailing the potential compromise of sensitive information, including their names, Social Security numbers, medical information, and financial account numbers. The incident has been officially reported to the Maine Attorney General’s Office, which confirmed that 103,782 people are impacted by this breach.
Details of the Incident
While Cornwell Quality Tools has not disclosed extensive details about the security breach, the Cactus ransomware group has claimed responsibility for the attack. In early February, the group published corporate documents and copies of driver’s licenses on its Tor-based leak website to substantiate its claims. The Cactus group ceased its activities in mid-March 2025, leaving uncertainty about whether they leaked the stolen data from Cornwell.
This is not the first time that Cornwell Quality Tools has faced a cyberattack. In late 2022, the Hive ransomware gang targeted the company, impacting more than 11,000 individuals at that time. The recurrence of such incidents raises concerns about the company’s cybersecurity measures.
Cornwell Quality Tools is known for manufacturing a range of tools, including ratchets, sockets, and wrenches, as well as tool storage equipment, which are distributed through hundreds of dealers across the United States. The recent breach has prompted the company to reassess its security protocols and consider the implications for its customers.
As the investigation continues, affected individuals are urged to monitor their financial accounts and personal information closely. The company has not provided further updates regarding remedial actions or support for those whose data may have been compromised.
The growing trend of ransomware attacks on businesses highlights the critical importance of robust cybersecurity measures in protecting sensitive information and maintaining customer trust.
