Pro Mach Inc. (“ProMach” or the “company”) understands the importance of protecting personal data and retaining the trust of customers and employees. Unfortunately, ProMach was the victim of a cyberattack, and certain sensitive personal data within the company’s custody and control was compromised. Please see below for more information on the scope and nature of this incident and the resources available to you.

What Happened?

On September 8, 2023, ProMach discovered that a third party gained unauthorized access to its information technology environment. The company immediately deployed security measures to contain and mitigate this threat and retained an external incident response team to accelerate recovery efforts. Because of the substantial security controls implemented prior to this cybersecurity incident, ProMach was able to contain the threat and return to a normal state of business operations. ProMach proactively notified the Federal Bureau of Investigation (FBI) of this incident and is assisting with its investigation.

What Personal Data Was Impacted?

As part of the internal investigation into this cyberattack, ProMach identified that an unauthorized third party gained access to sensitive personal data within ProMach’s HR files, such as payroll, tax withholding, and benefits enrollment data and similar data within personnel files.

What You Can Do.

Based on the measures that ProMach has implemented, and the actions taken, there is no indication that any sensitive personal data involved in this cybersecurity incident has been misused or will be misused in the future. Yet, out of an abundance of caution, ProMach is providing complimentary credit monitoring and identity theft protection services to those individuals who may have been impacted by this cybersecurity incident.

• If you are a current employee of ProMach, you will receive in the mail a separate notice about this incident and the services available to you.

• If you are a former employee of ProMach, please inquire (via the phone number provided in the “For More Information / FAQ” paragraph below) as to whether your personal data was subject to this incident and whether you are eligible to enroll in complimentary credit monitoring services.

Suppliers and Customers.

ProMach does not retain sensitive personal data on our customers, clients, or suppliers, and therefore no such personal data was impacted in this incident.

For More Information / FAQ.

ProMach has established a dedicated call center to answer questions you may have about this incident, which you can reach at 855-457-8895, Monday – Friday, 9:00 am to 9:00 pm (EST).

In order to help answer some of the concerns you may have, we have drafted responses to Frequently Asked Questions (FAQ), and it is available here: https://www.promachbuilt.com/securityincident/faq.

Please see our Additional Data Security Information worksheet for information on resources potentially available to you: https://www.promachbuilt.com/securityincident/additionalinformation.