Breach taxonomy
Summary
On October 15, 2025, Jewett-Cameron Trading Co. Ltd. discovered a threat actor had gained unauthorized access to its IT environment, deploying encryption and monitoring software and exfiltrating images of video meetings, computer screens, and financial/IT information. The threat actors demanded a monetary payment threatening to release the exfiltrated data publicly. The company took affected systems offline, contained the intrusion, and engaged cybersecurity experts and law enforcement. Operations were materially impacted, and the company expected costs to be largely covered by its cybersecurity insurance policy.
Tagging rationale
ThreatCyber Criminals
Filing states the threat actors 'threatened to release this information publicly if the Company does not provide them with a monetary payment' — financially motivated extortion indicates cyber criminals → CYBER-CRIMINALS.
MethodsRansomwareData Exfil
Filing confirms 'unauthorized access and deployment of encryption and monitoring software' (ransomware) and 'although the Company ascertained that certain information was exfiltrated' → RANSOMWARE + DATA-EXFIL.
AssetsConfidential Biz
Exfiltrated data included images of video meetings, computer screens, and IT/financial information the company had been gathering for SEC filings → CONFIDENTIAL-BIZ.
EffectsCyber ExtortionBiz Interruption
Filing states threat actors demanded monetary payment threatening public release → CYBER-EXTORTION; systems taken offline with operations materially impacted and potential Q1 FY2026 financial impact → BIZ-INTERRUPTION.
Business continuityPartial
Company voluntarily took systems offline and is working to restore them, but notes 'the extended period that the Company has been and may continue to be offline, operations may be materially impacted' → Partial.
Impact
Ransomware with data exfiltration and extortion at a small company; operations materially impacted with potential Q1 FY2026 financial impact; cyber insurance expected to largely cover costs → score 3.
InsuranceYes
Filing states 'the Company believes that the costs associated with these activities will be largely covered by the Company's cyber security insurance policy' → true.
Read the original SEC filing excerpt
Item 1.05. Material Cybersecurity Incidents. On October 15, 2025, Jewett-Cameron Trading Co. Ltd. (the Company) learned that a threat actor had gained unauthorized access to portions of the Company's information technology (IT) environment and claimed to have unlawfully accessed certain Company information and data. The Company immediately activated its cyber incident response process to contain the intrusion, assess and investigate the incident and implement remedial measures. The Company also immediately notified law enforcement and retained external cybersecurity experts to assist. Based on its investigation to date, the Company believes that the cybersecurity incident consisted of unauthorized access and deployment of encryption and monitoring software by a third party to a portion of the Company's internal corporate IT systems. The incident caused disruptions and limitation of access to portions of the Company's business applications supporting aspects of the Company's operations and corporate functions, which the Company voluntarily took offline as a precautionary measure. Although the Company ascertained that certain information was exfiltrated, it is still investigating the extent of compromise of any sensitive information contained within the accessed IT systems. However, it is believed that the threat actors unlawfully accessed certain computer systems and exfiltrated images of video meetings and computer screens that may contain sensitive Company information. The threat actors have threatened to release this information publicly if the Company does not provide them with a monetary payment. The Company has taken additional cybersecurity measures in response to this incident including closing off the point of unlawful access and bolstering its cyber defensive capabilities. The Company believes that the costs associated with these activities will be largely covered by the Company's cyber security insurance policy.