McCormick Hostage Data: Ransomware and Protecting Your Digital Information

As cyber attacks are on the rise, it is important that all McCormick employees ensure that they are using good password habits and multi-step verifications to protect the company data, recommends Michael Corgiat, a representative of The Retirement Group, a division of Wealth Enhancement Group.

It is therefore important that McCormick employees take conscious measures to prevent their personal and company data from being compromised by ransomware attacks by being aware of phishing scams and ensuring that their systems are up to date, stresses Brent Wolf, a representative of The Retirement Group, a division of Wealth Enhancement Group.

Here are three brief main topics for your article:

The Colonial Pipeline attack and other recent ransomware attacks on critical infrastructure.
How ransomware works, and the rising risk to people and businesses.
Some practical ways to secure electronic information, with a focus on good passwords and other safety tips.

Have you noticed that gas prices in your area are through the roof? Colonial Pipeline, which carries almost 50% of East Coast crude oil from Texas to New Jersey halted operations on May 7, 2021, after a ransomware attack. The pipeline was restarted in one week after Colonial paid the $4.4 million ransom, after the group behind the attack notified the company of the breach.

Although there was enough gas in storage to stabilize demand, panic buying led to shortages on the East Coast of the United States and pushed the national average gas price above $3.00 per gallon for the first time since 2014 although there was enough gas to meet demand.[1]. Ransomware has been around for some time, but the Colonial Pipeline attack highlighted the risk to critical infrastructure and triggered a strong federal response. Interestingly enough, the DOJ was able to recover most of the ransom, and DarkSide, the group behind the attack, announced that it would be halting its operations.[2.]

More Articles Like This One:

The Department of Homeland Security has issued new rules that require critical pipeline owners and operators to report cybersecurity incidents within 12 hours and review their cybersecurity posture and submit the results within 30 days.[3] As we have seen the incident has underscored the need for government efforts to improve the nation’s cybersecurity and to form an international partnership to hold nations that shelter cybercriminals accountable.[4.]

Malicious Code:

As a McCormick company, it is important that you understand the basics of cyber attacks in order to protect your assets from threats. Ransomware is a type of malicious code (malware) that compromises the victim’s computer system and the attacker uses the compromised system to encrypt files for which a ransom is demanded in exchange for the decryption key. Some of the attackers may also threaten to leak the company’s data. Globally, an estimated 305 million ransomware attacks were recorded in the year 2020 as compared to a 62% increase from the previous year, 2019. More than 200 million were reported in the United States.[5] Cybercriminal gangs have shifted their attention from targeting ‘data-intensive’ organizations such as retailers, insurers, and financial services to targeting businesses and other entities that are critical to the public health. JBS USA Holdings, a company that handles one-fifth of the U.S. livestock production, paid $11 million ransom, one week after the Colonial Pipeline attack.[6] As a result of relatively low spending on cybersecurity, healthcare systems are also a prime target, putting patient care at risk.[7] State and local governments, schools, and private companies of all sizes are also frequently attacked.[8]

As cyber attackers have chosen McCormick employees as their target audience, it is crucial to enhance cybersecurity at your workplace and residential networks to avoid risks. Typically, ransomware groups, which are mainly from Russia and other countries in the Eastern region, set their ransoms based on the level of the victim company’s funds. Large operations may end in negotiation between the middle men and the victims or the cyber insurance companies. Although the FBI doesn’t recommend paying the ransom, key organizations and entities might not be able to afford to rebuild their IT systems and the cost of doing so may well be higher than the ransom demanded.[9]

Protecting Your Data:

Do you know that ransomware attacks are increasingly targeting seniors? According to the FBI, older people are especially vulnerable to ransomware scams because they are not very familiar with the cyber security measures and tend to open any email or make any call from an unknown number. Scammers especially target retirees, taking advantage of their fear of losing important information or their access to certain accounts. It is crucial for people in their 60s, including those working for McCormick or retiring, to know the dangers and how to protect their electronic information. Major ransomware groups tend to target more profitable targets, but many cybercriminals attack individual consumers and demand ransom to lock their data, access their financial accounts, and sell their personal data.

If you work for McCormick and you think that you or your company is at risk of being targeted by ransomware, the following will assist you in protecting your data.[10] Use good passwords and keep them safe. The Colonial Pipeline attack occurred through a leaked password of an old account that had remote server access,[11] which is why, as an employee of McCormick and a potential target, your first line of defence is a good password. Use between 8 and 12 characters, including a mix of case, numbers, and special characters. Passwords that are longer and more complex are better than those that are short and simple. Avoid using personal information and words that can be found in the dictionary.

One way to do this is to use a password that can be transformed and remembered. For instance, Jack and Jill going up the hill to get a pail of water can be written as J&jwuth!!2faPow. It is more advisable to have different passwords for different accounts than to reuse a good password. You should use a password manager that generates random passwords that can be remembered using a strong master password. Do not share or write down your passwords. No simple solutions. When creating security questions that can be used to recover a password, be careful. Given that there is a lot of actual information that can be found online, it might be beneficial for employees of McCormick to use fictitious answers that they can remember. If a criminal can guess your answer from the information that he or she got from the internet (for example, from your online profile), then he or she will be able to change your password and gain access to your account. Take two measures. Even if a thief gets your password, two-factor authentication, which is usually a text or email code sent to your phone, provides an extra protection.

Consider before clicking. As an employee of McCormick using work systems, it is necessary to know that the most common way of transmitting ransomware and other malicious code to the affected computer is through a ‘phishing’ email that would require the recipient to open a link. There is no need to click on a link in an email or text message unless you know who sent it and where it is leading to. Install anti-virus software. Get and keep anti-virus software, a firewall, and an email filter. Old antivirus software does not provide protection against the latest infections. Backup your data. Back up to an external hard drive at regular intervals. The drive should be disconnected from the network during the intervals to enhance security. Maintain system updates. Use the latest operating system that is compatible with your computer and install security updates.

Most of the ransomware attacks are based on operating system and application vulnerabilities. If you get a message on your personal or company computer that you are infected with a virus or that your data is being demanded as a ransom, it is more likely a fake pop-up than an actual attack. These pop-ups are usually followed by a phone number for so-called technical support or to make a payment. As an employee of McCormick, it is crucial that you do not make a call and do not click on the window and any links to avoid compromising the system. Try to close your browser and shut down your computer. More information and other tips can be found at the Cybersecurity & Infrastructure Security Agency website at us-cert.cisa.gov/ncas/tips.

Conclusion:

Featured Video

Articles you may find interesting:

Think of your digital information as a valuable property, like a family heirloom. This is why it is crucial to protect your data from ransomware as you do with your valuable items. Ransomware can be regarded as a clever burglar who steals your digital family heirloom and demands a ransom for it. By using strong passwords, having anti-virus software and being careful of phishing, you are in a way locking the digital safe. Another way of protecting your data is to make sure that you are backing up your data. This is because just as you would keep a copy of your heirloom in a different place, you do not want to leave your precious assets unattended. Hence, it is crucial to be proactive in protecting your digital assets so that you do not lose control over them.

Sources:

1. Morgan Stanley. Cybersecurity for Seniors: A Guide for Loved Ones . 2021. morganstanley.com .

2. National Council on Aging. Improving Personal Cybersecurity: 5 Tips for Seniors . 2021. ncoa.org .

3. Texas Department of Information Resources. Cybersecurity Tips for Retirees and Retirement-age Individuals . 2024. dir.texas.gov .

4. Wyoming Enterprise Technology Services. Seniors Online Safety Tips . 2021. ets.wyo.gov .

5. Florida Senior Consulting. Cybersecurity Guide for Seniors: A 2025 Update . 2025. floridaseniorconsulting.com .

What is McCormick's 401(k) plan?

McCormick's 401(k) plan is a retirement savings plan that allows employees to save for their future by contributing a portion of their salary on a pre-tax or after-tax basis.

How can I enroll in McCormick's 401(k) plan?

Employees can enroll in McCormick's 401(k) plan by completing the enrollment process through the employee benefits portal or by contacting the HR department for assistance.

Does McCormick match employee contributions to the 401(k) plan?

Yes, McCormick offers a matching contribution to the 401(k) plan, which helps employees maximize their retirement savings.

What is the vesting schedule for McCormick's 401(k) matching contributions?

McCormick has a vesting schedule that outlines how long employees must work at the company to fully own the matching contributions made to their 401(k) accounts.

Can I change my contribution percentage to McCormick's 401(k) plan?

Yes, employees can change their contribution percentage to McCormick's 401(k) plan at any time, typically through the employee benefits portal.

What investment options are available in McCormick's 401(k) plan?

McCormick's 401(k) plan offers a variety of investment options, including mutual funds, target-date funds, and other investment vehicles to suit different risk tolerances.

How often can I make changes to my investments in McCormick's 401(k) plan?

Employees can typically make changes to their investment allocations in McCormick's 401(k) plan on a quarterly basis or as specified in the plan documents.

Is there a loan option available in McCormick's 401(k) plan?

Yes, McCormick's 401(k) plan may allow employees to take loans against their account balance, subject to certain terms and conditions.

What happens to my 401(k) plan if I leave McCormick?

If you leave McCormick, you have several options for your 401(k) plan, including rolling it over to an IRA or a new employer's plan, cashing it out, or leaving it in the McCormick plan if permitted.

Are there any fees associated with McCormick's 401(k) plan?

Yes, there may be administrative and investment fees associated with McCormick's 401(k) plan, which are disclosed in the plan documents.

With the current political climate we are in it is important to keep up with current news and remain knowledgeable about your benefits.

McCormick's primary pension plan is the "McCormick & Company, Inc. Pension Plan." Years of Service and Age Qualification: Employees generally need a minimum of 5 years of service to qualify for benefits. The typical age qualification for full benefits is 65, although early retirement options may be available with reduced benefits. Pension Formula: The pension formula is generally based on years of service and average salary during the highest earning years, though specific formulas may vary by plan specifics and employee tenure. McCormick offers a 401(k) plan named the "McCormick & Company, Inc. 401(k) Plan." Qualifications for 401(k) Plan: Eligibility is typically available to employees after completing 30 days of service. Employees can contribute a portion of their salary to the 401(k) plan and may receive company match contributions based on the plan's terms.

Layoffs and Restructuring: In early 2024, McCormick announced a significant restructuring plan aimed at streamlining operations and improving efficiency. This includes the elimination of approximately 1,000 jobs globally, which represents around 5% of its workforce. The company cited the need to adapt to changing market conditions and enhance its competitiveness in the industry. This move is crucial to monitor due to its impact on employees and the broader implications for the food industry. The current economic climate, characterized by inflation and shifting consumer behavior, underscores the importance of understanding such corporate strategies and their long-term effects. Company Benefits and 401k Changes: Alongside the layoffs, McCormick is revising its employee benefits package, including adjustments to its 401k matching contributions. The company is reducing its 401k match from 6% to 4% and modifying healthcare benefits to reduce costs. These changes are part of a broader effort to control expenses amid economic uncertainty. It is essential to stay informed about these developments, as they reflect broader trends in corporate benefits adjustments driven by the current economic, investment, and tax environment. Understanding these changes can help employees better prepare for their financial futures.

McCormick & Company offers stock options and RSUs as part of their compensation package. For 2022, eligible employees include senior executives and other high-level employees based on their performance and role. McCormick uses acronyms like SOP (Stock Option Plan) and RSU (Restricted Stock Unit) in their documentation.

Healthcare Plans: McCormick offers a variety of healthcare plans including medical, dental, and vision insurance. They have multiple plan options to cater to different needs, such as PPO and HMO plans. Benefits Overview: McCormick provides comprehensive coverage with preventive care, prescription drug benefits, and wellness programs. They also have a telemedicine option and employee assistance programs (EAP). Recent Updates: The company has been updating its benefits to include more mental health resources and virtual care services.