A prominent producer of outdoor fence products told regulators on Tuesday evening that a ransomware gang stole images of video meetings and non-public financial documents.

Oregon-based Jewett-Cameron Trading filed a notice with the Securities and Exchange Commission (SEC) warning investors that hackers breached its IT systems on October 15. An investigation found that the hackers encrypted parts of the company’s internal corporate systems and installed monitoring software.

“The incident caused disruptions and limitation of access to portions of the Company’s business applications supporting aspects of the Company’s operations and corporate functions, which the Company voluntarily took offline as a precautionary measure,” Jewett-Cameron said in an 8-K filing.

“It is believed that the threat actors unlawfully accessed certain computer systems and exfiltrated images of video meetings and computer screens that may contain sensitive Company information. The threat actors have threatened to release this information publicly if the Company does not provide them with a monetary payment.”

Jewett-Cameron added that the hackers also exfiltrated IT information as well as financial data the company has been gathering over the past few weeks in preparation of filing its annual fiscal report with the SEC. The company said it expected to release the annual 10-K report in mid-November.

The company, founded in 1953, started as a lumber brokerage business before expanding into manufacturing metal and sustainable bag products as well as wholesale distribution of wood products. The company is best known for its fencing, gate and steel post products. 

Jewett-Cameron Trading did not respond to requests for comment. The company’s SEC filing said law enforcement has been contacted and cybersecurity experts were hired to help recover from the incident. 

While the filing says the incident has been “contained,” they are still working to bring the impacted portion of its IT system and individual computers back online. 

There is no evidence that the personal information of employees, customers, suppliers or vendors was stolen but the investigation into the attack is still ongoing, the company said. 

The source of the breach has been identified and addressed, but the company did not respond to questions about how the hackers gained initial access. 

Most of the costs associated with the recovery from the breach will be covered by its cyber insurance policy but the filing notes that the company’s operations have been “materially impacted” and the incident will have an effect on the financial results for the first quarter of fiscal 2026.

In 2021, the FBI warned that ransomware gangs were increasingly using significant financial events, like yearly fiscal reports, to target companies and extract exorbitant ransoms.

“Prior to an attack, ransomware actors research publicly available information, such as a victim’s stock valuation, as well as material nonpublic information,” the FBI said in a white notice. “If victims do not pay a ransom quickly, ransomware actors will threaten to disclose this information publicly, causing potential investor backlash.”