Notification of a Cybersecurity Incident

303 Moodie Dr. Unit 571 Ottawa, ON K2H 9R4

343-466-2070

support@glareceramic.com

0 Account

June 30, 2021

We would like to let you know of a recent cybersecurity incident that impacted our operations in Canada, Australia and New Zealand earlier this month. This incident has been contained and is not ongoing. Please read the below if you placed or attempted to place an order on, or received an order from, our Canadian website since June 2019. If you are an Australian or New Zealand customer, please refer to this page instead.

We take the privacy and security of our customers’ personal information very seriously, and are providing this statement to explain the incident, the personal information that may have been impacted, the measures we have taken in response, and the steps you should consider taking to help protect your information and identity.

ABOUT THE INCIDENT

On June 7, 2021, Glare Ceramics cybersecurity systems triggered an alert. Upon investigating the alert, we determined that a potential unauthorized intrusion into Glare Ceramics systems may have occurred. We promptly initiated a cybersecurity response and launched an investigation to determine the nature and scope of the incident. We also engaged a cybersecurity firm to assist in strengthening our systems, investigating the incident, and identifying any potentially compromised information.

The investigation has determined that an unauthorized third party accessed and acquired data from Glare Ceramics servers between June 4 and June 13, 2021. We have successfully terminated this unauthorized access and have reported the incident to law enforcement. We also conducted a review of the data that was likely impacted to identify individuals and entities whose personal and/or sensitive information may have been affected.

PERSONAL INFORMATION IMPACTED

Based on the review, we determined that the likely impacted data contained information regarding orders attempted or placed on Glare Ceramics Canadian website between June 1, 2019 and May 31, 2021, including customer names, email addresses, order numbers, order dates, telephone numbers and billing addresses associated with such orders. It also included shipping addresses associated with orders placed since June 2020.To our knowledge, no payment or credit card information or passwords of any of our website customers were compromised in this incident. We have directly reached out via email to affected website customers. We further determined that certain personal and/or sensitive information associated with a smaller number of Glare Ceramics Canada employees, non-website customers, and vendors was likely affected. Glare Ceramics has also directly notified such affected individuals and entities.

WE ARE TAKING A NUMBER OF STEPS FOR YOUR PROTECTION

Safeguarding our customers’, employees’ and vendors’ information is essential to us, and we will continue to invest in hardening our defences. We have put in place additional security measures to help prevent a similar incident and will utilize the information revealed in the analysis of this incident to further strengthen the security of our network, systems, and information. We will collaborate fully with any law enforcement investigation into this incident.

STEPS YOU CAN TAKE TO MINIMIZE RISKS TO YOUR INFORMATION

While our investigation has not revealed the public disclosure or use of any compromised information for fraudulent purposes, we encourage all of our website customers to take steps to protect themselves against the potential misuse of any compromised information. You should:

• Keep an eye out for phishing emails and other fraudulent communications. Unless you contact us, we will not call or text customers asking for personal information regarding this cybersecurity incident. We will also never ask you for your credit card details via email or for your password in any form of communication. If you receive such a fraudulent communication from someone impersonating Le Creuset, do not click on any links, download any files, or reply to the communication. Instead, please let us know about it by forwarding the email us.

• Monitor your financial and other accounts for unusual or suspicious activity that you do not recognize. Contact the relevant financial institution or company immediately if you spot any unusual activity.

• Monitor your mail for any change or disruptions. Report any irregularities in your mail delivery to Canada Post.

• Use a strong, complex password for your Glare Ceramics account and do not reuse the same password for your other online accounts.

• Consult additional resources, such as the Government of Canada’s Get Cyber Safe website and the Canadian Anti-Fraud Centre, to inform yourself further about cybersecurity and steps you can take to protect yourself online.

The above information is subject to change. If we learn more, we will update this website to provide additional information.