Drummond Company Data Breach Exposes Personal Info Including SSNs

Drummond Company Inc., a privately owned mining and metals company headquartered in Birmingham, Alabama, disclosed a data breach involving unauthorized access to an employee's email account.

The breach was reported to the Massachusetts Office of Consumer Affairs and Business Regulation. Drummond discovered the incident on Feb. 23, 2026, and the company's notification to affected individuals was dated March 31, 2026.

The total number of people affected nationwide was not disclosed in the available filings.

What happened in the Drummond Company data breach

An unauthorized third party gained access to the email account of a Drummond Company employee. The specific method the intruder used to compromise the account was not detailed in the notification.

The exact dates during which the unauthorized party had access were also not disclosed.

An investigation into the incident found that files stored within the compromised email account may have been subject to unauthorized access. The company conducted an in-depth review of the account to determine what personal information it contained and who might be affected.

The types of personal information exposed included names, Social Security numbers and financial account numbers. According to the notification, the financial account numbers did not include PINs or access codes.

Drummond Company's response to the breach

Drummond is offering affected individuals 24 months of complimentary credit monitoring services through Cyberscout, a TransUnion company that specializes in fraud assistance and remediation.

The credit monitoring package includes single bureau credit monitoring, a single bureau credit report and a single bureau credit score. These services send alerts when changes occur to a person's credit file, with notifications delivered the same day the change is recorded at the bureau.

Drummond is also providing proactive fraud assistance to help affected individuals with questions or in the event they become a victim of fraud.

To enroll in the complimentary monitoring service, affected individuals should visit the Cyberscout enrollment page and enter the unique activation code included in their notification letter. Enrollment must be completed within 90 days of the date of the letter, so those who received a notice should act promptly.

Drummond established a dedicated support team for affected individuals with questions about the incident or help with enrollment. The team is available from 7 a.m. to 7 p.m. CDT, Monday through Friday, excluding major U.S. holidays, and the phone number was included in individual notification letters.

Steps to take if your information was exposed

• Place a security freeze on credit files by contacting each of the three major credit bureaus: Equifax (1-888-298-0045), Experian (1-888-397-3742) and TransUnion (1-800-916-8800).
• Consider placing a fraud alert with one of the three credit bureaus, which will then notify the other two and require creditors to take extra steps to verify identity before opening new accounts.
• Request free credit reports at AnnualCreditReport.com and review them carefully for any accounts or activity that look unfamiliar.
• Monitor financial account statements closely for unauthorized transactions and report anything suspicious to the financial institution right away.
• Watch for phishing attempts that reference Drummond Company or this data breach by name, as scammers sometimes use real breach notifications to trick people into sharing more personal information.
• Report any signs of identity theft to the Federal Trade Commission at identitytheft.gov or by calling 1-877-438-4338.