Important information to former Uponor employees related to potential personal data breach following cyber attack against the Group
On 5 November 2022, Uponor was subject to a cyber attack impacting its operations in Europe and North America. Uponor took immediate action to investigate and remediate the situation. A press release related to the matter was published on 7 November 2022 and on 18 November 2022.
Based on the investigations, there is indication of employee personal data breach in some countries where Uponor operates. Since we can’t exclude the data breach impacting also other countries, we are notifying all Uponor’s employees. Unfortunately, this may also affect former Uponor employees’ personal data to certain extent. There is no immediate evidence that personal data has been published into the public domain, but this is a potential risk. Uponor will monitor the situation and will issue a new communication in case Uponor would learn that the data has been published.
Uponor is working tirelessly to restore the security of the affected data and to monitor any developments in the matter.
With this communication, we notify all persons who have worked in an Uponor Group company of a personal data breach, or potential breach in some countries, due to the cyber attack. The possible breach relates to the personal data processed by Uponor during the employee’s employment for the purpose of managing the employment relation.
To protect your personal data from being used maliciously in case the data would become available in the public domain because of the cyber attack, we advise you to follow the instructions attached to this communication. Further country specific instructions will be available on local Uponor websites.
If you have further questions on the breach or on protecting your personal data, please contact privacy@uponor.com.
Preventive actions to improve personal data security
You can take the following individual preventive actions, on a regular basis, to improve your own data security.
- Use password best practices. Do not share your passwords, use different passwords on each service and activate multifactor authentication when possible. This minimizes the risk malicious actors are able to use your credentials.
- Change your passwords on private accounts, if you have used the same password on Uponor-related applications. When you change a password, change it completely. Do not just add or change a few letters, numbers or symbols.
- Consider using a password manager (e.g., Keeper, 1Password, LastPass) which helps you to use long, difficult-to-guess and totally random passwords for each personal application or account with low effort. Password managers can also generate good passwords for you.
- Be careful with unknown attachments and links, social media connections requests and similar.
- It is always a good practice to verify your financial statements, and similar, to identify unknown transactions. Inform your financial institute immediately if you notice suspicious transactions.
- Consider using specific services to monitor the use of your identity, should such be available in your country.