JCC
Company Details
Linkedin ID:
jewett-cameron
Website:
Employees number:
34
Number of followers:
1,931
NAICS:
None
Industry Type:
Homepage:
jewettcameron.com
IP Addresses:
0
Company ID:
JEW_3362747
Scan Status:
In-progress
Jewett Cameron Company Company CyberSecurity Posture
jewettcameron.com
Founded in Oregon in 1953, the Jewett Cameron Company strives to develop and build premier products in the fencing, pet home, and outdoor living markets. We are guided by our defining principles of crafted, stewardship and legacy. As such, we apply the same care in developing our products as we do investing in our people, our partnerships, our environment, and in the communities where we live, work and play. Recognized by The Oregonian / OregonLive.com as one of the Top Workplaces in Oregon and SW Washington!
Jewett Cameron Company A.I CyberSecurity Scoring
JCC Risk Score (AI oriented)Between 700 and 749
JCC
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
JCC Global Score (TPRM)XXXX
JCC
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
JCC Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Jewett-Cameron Trading
Ransomware
Rankiteo Explanation
Attack limited on finance or reputation
Description: Jewett-Cameron Trading, an Oregon-based producer of outdoor fence products, suffered a ransomware attack on October 15, where hackers breached its IT systems, encrypted corporate data, and installed monitoring software. The attackers exfiltrated images of video meetings, screenshots containing sensitive company information, and non-public financial documents including data prepared for the company’s upcoming SEC 10-K annual fiscal report. The threat actors demanded a ransom, threatening to publicly release the stolen data if unpaid. The incident caused operational disruptions, forcing the company to take critical business applications offline as a precaution. While no personal data of employees, customers, suppliers, or vendors was confirmed stolen, the attack materially impacted operations and is expected to affect Q1 2026 financial results. Law enforcement and cybersecurity experts were engaged, and the breach was contained, though system recovery remains ongoing. The company’s cyber insurance is expected to cover most recovery costs. The FBI had previously warned (2021) that ransomware gangs exploit financial reporting periods to extort companies by threatening to leak material nonpublic information, risking investor backlash and reputational damage.
JCC Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for JCC
Incidents vs Consumer Goods Industry Average (This Year)
No incidents recorded for Jewett Cameron Company in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Jewett Cameron Company in 2026.
Incident Types JCC vs Consumer Goods Industry Avg (This Year)
No incidents recorded for Jewett Cameron Company in 2026.
Incident History — JCC (X = Date, Y = Severity)
JCC cyber incidents detection timeline including parent company and subsidiaries
JCC Company Subsidiaries
Founded in Oregon in 1953, the Jewett Cameron Company strives to develop and build premier products in the fencing, pet home, and outdoor living markets. We are guided by our defining principles of crafted, stewardship and legacy. As such, we apply the same care in developing our products as we do investing in our people, our partnerships, our environment, and in the communities where we live, work and play. Recognized by The Oregonian / OregonLive.com as one of the Top Workplaces in Oregon and SW Washington!
Loading...
JCC Similar Companies
Orang Tua Group
Selama lebih dari setengah abad, kami telah mengolah bahan-bahan dari sumber alam menjadi produk-produk berkualitas pilihan konsumen. Berawal dari produk minuman kesehatan dgn ramuan alamiah yg diolah secara tradisional, produk-produk kami berkembang semakin modern, canggih, praktis, & efisien sesua
Culligan International
There’s nothing more fundamental to life on Earth than water. That’s why Culligan believes if we can transform water, we can transform the world. With better science and better service, we change what’s possible for more people. Better drinking water for more neighborhoods and families. More s
.png)
JCC CyberSecurity News
January 14, 2026 09:21 PM
JEWETT CAMERON TRADING CO LTD SEC 10-Q Report
Jewett Cameron Trading Co Ltd, a company specializing in pet products, fencing, and industrial wood products, has released its Form 10-Q...
October 23, 2025 07:00 AM
Ransomware attack disrupts Jewett-Cameron operations
Jewett-Cameron, an Oregon-based producer of fencing, garden, and pet products, has confirmed having its business operations disrupted and...
October 23, 2025 07:00 AM
News - Jewett-Cameron Discloses Security Breach Affecting Confidential Data
Jewett-Cameron Trading Company recently reported a data security breach that exposed sensitive confidential information of the company.
October 22, 2025 07:00 AM
Fencing and Pet Company Jewett-Cameron Hit by Ransomware
Jewett-Cameron Company was recently targeted in a cyberattack that resulted in disruption and the theft of sensitive information.
October 22, 2025 07:00 AM
Meeting and financial secrets of American company stolen in ransomware attack
Ransomware gangs are becoming increasingly sophisticated, not only in the methods they use to launch their malware attacks, but also in the...
October 22, 2025 07:00 AM
Ransomware gang steals meeting videos, financial secrets from fence wholesaler
Jewett-Cameron Trading said hackers exfiltrated IT information as well as financial data the company has been gathering over the past few...
October 21, 2025 07:00 AM
Jewett-Cameron Trading reports cybersecurity incident affecting IT systems
Jewett-Cameron Trading Co. Ltd. (NASDAQ:JCTC), a small-cap company with a market value of $11.93 million currently trading near its 52-week...
April 10, 2025 07:00 AM
Operations of Sensor Giant Sensata Disrupted by Ransomware Attack
Sensata has informed the SEC that shipping, manufacturing and other operations have been impacted by a ransomware attack.
December 15, 2023 08:00 AM
Food Giant Kraft Heinz Targeted by Ransomware Group
A ransomware group claims to have breached the systems of Kraft Heinz, but the food giant says it's unable to verify the claims.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
JCC CyberSecurity History Information
Official Website of Jewett Cameron Company
The official website of Jewett Cameron Company is http://www.jewettcameron.com.
Jewett Cameron Company’s AI-Generated Cybersecurity Score
According to Rankiteo, Jewett Cameron Company’s AI-generated cybersecurity score is 719, reflecting their Moderate security posture.
How many security badges does Jewett Cameron Company’ have ?
According to Rankiteo, Jewett Cameron Company currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Jewett Cameron Company been affected by any supply chain cyber incidents ?
According to Rankiteo, Jewett Cameron Company has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Jewett Cameron Company have SOC 2 Type 1 certification ?
According to Rankiteo, Jewett Cameron Company is not certified under SOC 2 Type 1.
Does Jewett Cameron Company have SOC 2 Type 2 certification ?
According to Rankiteo, Jewett Cameron Company does not hold a SOC 2 Type 2 certification.
Does Jewett Cameron Company comply with GDPR ?
According to Rankiteo, Jewett Cameron Company is not listed as GDPR compliant.
Does Jewett Cameron Company have PCI DSS certification ?
According to Rankiteo, Jewett Cameron Company does not currently maintain PCI DSS compliance.
Does Jewett Cameron Company comply with HIPAA ?
According to Rankiteo, Jewett Cameron Company is not compliant with HIPAA regulations.
Does Jewett Cameron Company have ISO 27001 certification ?
According to Rankiteo,Jewett Cameron Company is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Jewett Cameron Company
Jewett Cameron Company operates primarily in the Consumer Goods industry.
Number of Employees at Jewett Cameron Company
Jewett Cameron Company employs approximately 34 people worldwide.
Subsidiaries Owned by Jewett Cameron Company
Jewett Cameron Company presently has no subsidiaries across any sectors.
Jewett Cameron Company’s LinkedIn Followers
Jewett Cameron Company’s official LinkedIn profile has approximately 1,931 followers.
NAICS Classification of Jewett Cameron Company
Jewett Cameron Company is classified under the NAICS code None, which corresponds to Others.
Jewett Cameron Company’s Presence on Crunchbase
No, Jewett Cameron Company does not have a profile on Crunchbase.
Jewett Cameron Company’s Presence on LinkedIn
Yes, Jewett Cameron Company maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/jewett-cameron.
Cybersecurity Incidents Involving Jewett Cameron Company
As of January 24, 2026, Rankiteo reports that Jewett Cameron Company has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Jewett Cameron Company has an estimated 1,638 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Jewett Cameron Company ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
How does Jewett Cameron Company detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with cybersecurity experts, and and containment measures with affected systems taken offline, containment measures with source of breach identified and addressed, and recovery measures with restoring impacted it systems and individual computers, and communication strategy with sec 8-k filing, communication strategy with no public comment beyond filing..
Incident Details
Can you provide details on each incident ?
Title: Ransomware Attack on Jewett-Cameron Trading
Description: A ransomware gang breached Jewett-Cameron Trading's IT systems on October 15, encrypting parts of its internal corporate systems and installing monitoring software. The threat actors exfiltrated images of video meetings, non-public financial documents, and IT information, including data gathered for the company's annual fiscal report. The company took affected systems offline as a precautionary measure. The hackers demanded a ransom, threatening to release the stolen data publicly if unpaid. The incident has materially impacted operations and financial results for Q1 2026. Law enforcement was notified, and cybersecurity experts were hired to assist in recovery. The breach has been contained, but systems are still being restored. No evidence suggests personal data of employees, customers, suppliers, or vendors was stolen, though the investigation is ongoing.
Date Detected: 2023-10-15
Date Publicly Disclosed: 2023-10-17
Type: ransomware
Motivation: financial gain (ransom demand)
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : ransomware JEW0892208102225
Data Compromised: Images of video meetings, Non-public financial documents, It information, Fiscal report preparation data
Systems Affected: internal corporate systemsbusiness applications supporting operations and corporate functions
Downtime: ongoing (as of disclosure); portions of IT systems and individual computers taken offline
Operational Impact: material disruption to operations
Revenue Loss: expected impact on financial results for Q1 2026
Brand Reputation Impact: potential investor backlash if data is publicly released
Identity Theft Risk: none reported (no evidence of personal data theft)
Payment Information Risk: none reported
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Images Of Video Meetings, Computer Screenshots, Non-Public Financial Documents, It Information, Fiscal Report Preparation Data and .
Which entities were affected by each incident ?
Incident : ransomware JEW0892208102225
Entity Name: Jewett-Cameron Trading
Entity Type: public company
Industry: manufacturing, wholesale distribution, lumber brokerage
Location: Oregon, USA
Customers Affected: none reported
Response to the Incidents
What measures were taken in response to each incident ?
Incident : ransomware JEW0892208102225
Incident Response Plan Activated: True
Third Party Assistance: Cybersecurity Experts.
Containment Measures: affected systems taken offlinesource of breach identified and addressed
Recovery Measures: restoring impacted IT systems and individual computers
Communication Strategy: SEC 8-K filingno public comment beyond filing
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through cybersecurity experts, .
Data Breach Information
What type of data was compromised in each breach ?
Incident : ransomware JEW0892208102225
Type of Data Compromised: Images of video meetings, Computer screenshots, Non-public financial documents, It information, Fiscal report preparation data
Sensitivity of Data: high (non-public financial and corporate information)
Data Encryption: True
Personally Identifiable Information: none reported
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by affected systems taken offline, source of breach identified and addressed and .
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : ransomware JEW0892208102225
Ransom Demanded: True
Data Encryption: True
Data Exfiltration: True
How does the company recover data encrypted by ransomware ?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through restoring impacted IT systems and individual computers, .
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : ransomware JEW0892208102225
Regulatory Notifications: SEC 8-K filing
References
Where can I find more information about each incident ?
Incident : ransomware JEW0892208102225
Source: SEC 8-K Filing by Jewett-Cameron Trading
Date Accessed: 2023-10-17
Incident : ransomware JEW0892208102225
Source: FBI White Notice (2021) on Ransomware Targeting Financial Events
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: SEC 8-K Filing by Jewett-Cameron TradingDate Accessed: 2023-10-17, and Source: FBI White Notice (2021) on Ransomware Targeting Financial Events.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : ransomware JEW0892208102225
Investigation Status: ongoing (source of breach identified and addressed; no evidence of personal data theft)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Sec 8-K Filing and No Public Comment Beyond Filing.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : ransomware JEW0892208102225
Stakeholder Advisories: Sec Filing Warning Investors.
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was Sec Filing Warning Investors.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : ransomware JEW0892208102225
High Value Targets: Fiscal Report Preparation Data,
Data Sold on Dark Web: Fiscal Report Preparation Data,
Post-Incident Analysis
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Cybersecurity Experts, .
Additional Questions
General Information
What was the amount of the last ransom demanded ?
Last Ransom Demanded: The amount of the last ransom demanded was True.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-10-15.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2023-10-17.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were images of video meetings, non-public financial documents, IT information, fiscal report preparation data and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was internal corporate systemsbusiness applications supporting operations and corporate functions.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was cybersecurity experts, .
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was affected systems taken offlinesource of breach identified and addressed.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were fiscal report preparation data, images of video meetings, IT information and non-public financial documents.
Ransomware Information
What was the highest ransom demanded in a ransomware incident ?
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was True.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are SEC 8-K Filing by Jewett-Cameron Trading and FBI White Notice (2021) on Ransomware Targeting Financial Events.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is ongoing (source of breach identified and addressed; no evidence of personal data theft).
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was SEC filing warning investors, .
.png)
Latest Global CVEs (Not Company-Specific)
Description
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper contextual encoding when authentication fails. An attacker can execute script in the login page context. This issue has been fixed in version 2.19.2.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Description
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.
Description
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.
Description
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
Risk Information
cvss3
Base: 6.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
cvss4
Base: 6.0
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description
An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=jewett-cameron' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
