Cornwell Quality Tools Data Breach Affects Thousands

Published

September 8, 2025

Updated

September 8, 2025

Cornwell Quality Tools

Types of INFORMATION affected

Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info

Cornwell Quality Tools, a leading manufacturer and distributor in the automotive tool industry, experienced a data breach that has impacted thousands of individuals. The company detected suspicious activity on its internal network on Dec. 20, 2024.

An investigation revealed that an unauthorized actor had accessed the network and potentially acquired files as early as Dec. 12, 2024. The Cactus ransomware group claimed responsibility for the attack and stated they had obtained 4.6 terabytes of company data. The group's claim was publicly posted on the dark web Tor network on Feb. 3, 2025.

The stolen data included both personally identifiable information (PII) and protected health information (PHI). Information that may have been compromised included names, Social Security numbers, driver’s license numbers, financial account details, and health information. Cornwell Quality Tools began notifying impacted individuals by mail on Sept. 4, 2025.

The breach affected at least 2,236 individuals in Massachusetts alone. The cybersecurity incident was disclosed to Massachusetts and Vermont Attorney Generals' offices on Sept. 8, 2025.

Cornwell Quality Tools' response

In addition to required state and federal disclosures, the company is offering free IDX credit monitoring and identity theft protection services to all affected individuals. This includes dark web monitoring, a $1 million insurance reimbursement policy, and fully managed identity theft recovery services.

If you receive a data breach notice from Cornwell Quality Tools, you may want to:

Sign up for the free IDX credit monitoring and identity theft protection services, offered by the company.
Monitor your credit reports and financial accounts for any unusual activity.
Be alert for phishing emails or phone calls that may use your exposed information.
Consider placing a fraud alert or credit freeze with major credit bureaus.

More information about the company can be found on the Cornwell Quality Tools website.

Protect Your Data

A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.

This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure. ExpressVPN is offering 61% off, risk-free for 30 days, with ID Theft Insurance included and no extra cost for those who sign up for one or two years.