Karndean Designflooring Data Breach Exposes 600GB Data

Luxury vinyl flooring manufacturer Karndean Designflooring experienced a cyberattack. Beginning on Aug. 15, 2025, the CRYPTO24 ransomware group claimed responsibility for the incident and posted the company’s full domain and more than 600 GB of stolen data for download on its dark web portal.

The data breach compromised personally identifiable information (PII). Exposed information included names, Social Security numbers, driver's license or state ID information and financial account information. The sensitive nature of the information, along with the volume of data exposed puts individuals at risk of identity theft or financial fraud.

Karndean Designflooring disclosed the cybersecurity incident to the Massachusetts Attorney General's office on Sept. 30, 2025. The total number of affected individuals has not been released, but may include both employees and customers.

Karndean Designflooring's response

In addition to required state and federal disclosures, the company will notify impacted individuals by mail.

If you believe your personal information may have been compromised in this breach:

• Carefully review any notice or communication you receive from Karndean Designflooring.
• Monitor financial accounts and credit reports for signs of identity theft.
• Consider placing fraud alerts or credit freezes with the major credit bureaus.
• Be cautious of unsolicited emails or phone calls requesting personal information.

To learn more about the company, visit the Karndean Designflooring website.