2023-03-10 ARGAN INC Cybersecurity Incident

Page last updated on April 11, 2024

ARGAN INC initially disclosed a cybersecurity incident in an SEC 8-K filing on 2023-03-10 16:41:58 EST.

Incident Details

Material: Unknown
Is Breach: Unknown
Records Compromised: Unknown
Data Types Impacted: No Data Types Tracked (yet)

Compromised Date:
Detected Date: 2023-03-07
Disclosure Date: 2023-03-10
Contained Date:
Recovered Date:

Attack Goal: Unknown

Costs: No Costs Tracked (yet)

Filings

8-K filed on 2023-03-10

ARGAN INC filed an 8-K at 2023-03-10 16:41:58 EST
Accession Number: 0001558370-23-003484

Item 8.01 Other Events.

On March 7, 2023, Argan, Inc. (the “Company”) determined that the Company had been a victim of a complex criminal phishing scheme which resulted in fraudulently-induced outbound wire transfers on March 6, 2023 and March 7, 2023 to a third-party account. The Company self-discovered this fraudulent activity and promptly contacted the remitting bank, receiving bank, dispute resolution experts, and federal and local law enforcement authorities who continue to pursue recovery of the transferred funds.

To date, the Company has not found any evidence of additional fraudulent activity and currently does not believe the incident resulted in any unauthorized access to other data maintained by the Company. As a result of this event, and if no further recoveries of transferred funds occur, the Company expects to record a one-time pre-tax charge of approximately $3.0 million for the unrecovered fraudulent wire transfers in the first quarter of the fiscal year ending January 31, 2024, of which up to $0.2 million, net of the applicable deductible, may be recovered through an insurance claim. The Company continues to evaluate the effectiveness of internal controls related to these transactions. It has already implemented certain redundant controls, and may implement others in the future, related to outgoing electronic transfers of cash. Additionally, the Company is in the process of retaining specialized legal counsel and a cybersecurity services firm to assist in an independent forensic investigation of this incident. The Company does not expect this matter to have a material impact on its business or its ability to service its customers.

This Current Report on Form 8-K contains forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. The words “believe,” “expect,” “anticipate,” “plan,” “intend,” “estimate,” “foresee,” “should,” “would,” “could,” or other similar expressions are intended to identify forward-looking statements. Our forward-looking statements are based on our current expectations and beliefs concerning future developments and their potential effects on us. There can be no assurance that future developments affecting us will be those that we anticipate.

Our forward-looking statements, by their nature, involve significant risks and uncertainties (some of which are beyond our control) and assumptions. They are subject to change based upon various factors including, but not limited to, the risks and uncertainties described in Item 1A in our reports filed with the Securities and Exchange Commission, including our Annual Report on Form 10-K and Quarterly Reports filed on Form 10-Q. Should one or more of these risks or uncertainties materialize, or should any of our assumptions prove to be incorrect, actual results may vary in material respects from those projected in the forward-looking statements. We undertake no obligation to publicly update or revise any forward-looking statements, whether as a result of new information, future events or otherwise.

Company Information