On June 2, Grainger’s IT security team discovered that the company was the subject of a cyberattack and that the intruders were able to access limited information on Grainger’s network. In response, Grainger immediately began following its cybersecurity protocol by working with leading cybersecurity experts to investigate the situation; implementing enhanced security measures; and quickly notifying law enforcement officials. The company has not experienced any service disruptions or outages as a result of the incident.
The initial phase of this ongoing investigation is complete. At this time, Grainger has no evidence there is any impact to customers, suppliers or employees because there is no indication that information such as social security numbers or government identification numbers, banking information or credit/debit card information have been compromised by this incident. However, out of an abundance of caution, Grainger is offering 12 months of complimentary identity protection services to customers and employees.