August 6, 2024 · Applied Cybernetics Group
KEY TRONIC CORP — 8-K Item 1.05
- Filer
- KEY TRONIC CORP (KTCC)
- CIK
0000719733- Accession
0000719733-24-000047- Filed
2024-08-06- Records
- not stated
- Attacker
- unstated
- EDGAR
- https://www.sec.gov/Archives/edgar/data/719733/000071973324000047/ktcc-20240506.htm
Narrative (as filed)
As a precautionary measure, the Company halted domestic and Mexico operations for approximately two weeks during remediation efforts. After production was restarted, these locations returned to near capacity approximately another two weeks later. Other international operations continued production without material disruption from the cybersecurity incident. During the disruption of business, the Company continued to pay wages in accordance with statutory requirements. The Company also deployed new IT-related infrastructure and engaged cyber security experts to remediate the incident. The Company’s operations and corporate functions were restored in mid-June, and we believe that the unauthorized third party no longer has access to the Company’s IT systems. Also as previously disclosed, the Company determined that the threat actor accessed and exfiltrated limited data from the Company’s environment, which includes some personally identifiable information. The Company is continuing the process of providing appropriate notifications to potentially affected parties and to regulatory agencies as required by applicable law. As part of the closing process for the fourth quarter of fiscal year 2024, the Company has determined that, due to the cybersecurity incident, it incurred approximately $2.3 million of additional expenses, and was unable to fulfill approximately $15 million of revenue during the fourth quarter. Most of these orders are expected to be fulfilled in fiscal year 2025. Forward-Looking Statements. This Current Report contains forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. These statements address the Company’s expectations or beliefs regarding future events, actions or performance, including the investigation, containment and remediation of the cybersecurity incident and the impact on the Company, including its financial condition and results of operations. Factors that could affect future developments and performance include the possibility that containment and remediation may not be successful, the improper use of exfiltrated information and related regulatory proceedings or litigation and other risks and factors contained in the documents that the Company has filed with the Securities and Exchange Commission.