The company learned of a “disruption” on Sept 15 and by Oct 4, it had determined cybercriminals had infiltrated its systems and gained access to certain files, including employee names and SSNs.