View Filing Data for SEC filing 0001079973-25-001631

Cover	Oct. 15, 2025
Cover [Abstract]
Document Type	8-K
Amendment Flag	false
Document Period End Date	Oct. 15, 2025
Entity File Number	000-19954
Entity Registrant Name	JEWETT-CAMERON TRADING COMPANY LTD.
Entity Central Index Key	0000885307
Entity Tax Identification Number	00-0000000
Entity Incorporation, State or Country Code	A1
Entity Address, Address Line One	32275 N.W. Hillcrest
Entity Address, City or Town	North Plains
Entity Address, State or Province	OR
Entity Address, Postal Zip Code	97133
City Area Code	503
Local Phone Number	647-0110
Written Communications	false
Soliciting Material	false
Pre-commencement Tender Offer	false
Pre-commencement Issuer Tender Offer	false
Title of 12(b) Security	Common Stock, no par value
Trading Symbol	JCTC
Security Exchange Name	NASDAQ
Entity Emerging Growth Company	false

Material Cybersecurity Incident Disclosure	Oct. 15, 2025
Material Cybersecurity Incident [Abstract]
Material Cybersecurity Incident Nature [Text Block]	unauthorized access to portions of the Company’s information technology (“IT”) environment and claimed to have unlawfully accessed certain Company information and data. The Company immediately activated its cyber incident response process to contain the intrusion, assess and investigate the incident and implement remedial measures.
Material Cybersecurity Incident Scope [Text Block]	On October 15, 2025, Jewett-Cameron Trading Co. Ltd. (the “Company”) learned that a threat actor had gained unauthorized access to portions of the Company’s information technology (“IT”) environment and claimed to have unlawfully accessed certain Company information and data. The Company immediately activated its cyber incident response process to contain the intrusion, assess and investigate the incident and implement remedial measures. The Company also immediately notified law enforcement and retained external cybersecurity experts to assist. Based on its investigation to date, the Company believes that the cybersecurity incident consisted of unauthorized access and deployment of encryption and monitoring software by a third party to a portion of the Company’s internal corporate IT systems. The incident caused disruptions and limitation of access to portions of the Company’s business applications supporting aspects of the Company’s operations and corporate functions, which the Company voluntarily took offline as a precautionary measure. Based on the information reviewed to date, the Company believes the unauthorized activity has been contained and is working diligently to bring the impacted portions of its IT systems and individual computer devices back online. Although the Company ascertained that certain information was exfiltrated, it is still investigating the extent of compromise of any sensitive information contained within the accessed IT systems. However, it is believed that the threat actors unlawfully accessed certain computer systems and exfiltrated images of video meetings and computer screens that may contain sensitive Company information. The threat actors have threatened to release this information publicly if the Company does not provide them with a monetary payment. The Company has taken additional cybersecurity measures in response to this incident including closing off the point of unlawful access and bolstering its cyber defensive capabilities. The Company believes that the costs associated with these activities will be largely covered by the Company’s cyber security insurance policy. However, due to the extended period that the Company has been and may continue to be offline, operations may be materially impacted, which may also impact the Company’s financial results for the first quarter of fiscal 2026. Current analysis indicates that the data exfiltrated primarily relates to IT related information and financial information the Company has been gathering and analyzing over the past few weeks in preparation of filing with the Securities and Exchange Commission its Annual Report on Form 10-K for the fiscal year ended August 31, 2025, which the Company expects to release in mid-November. As the investigation of the incident is ongoing, the full scope, nature and impact of the incident are not yet completely known. We have no current evidence that any personally identifiable information of any employees, customers, suppliers or vendors has been compromised, but our analysis and review of the potential compromised systems and data continues. The Company is bringing systems and devices online in a thoughtful and methodical manner in coordination with our cybersecurity experts and the ongoing investigation and expects to be at full operational capability shortly.

Material Cybersecurity Incident Disclosure

Oct. 15, 2025

Material Cybersecurity Incident [Abstract]

Material Cybersecurity Incident Nature [Text Block]

unauthorized access to portions of the Company’s information technology (“IT”) environment and claimed to have unlawfully accessed certain Company information and data. The Company immediately activated its cyber incident response process to contain the intrusion, assess and investigate the incident and implement remedial measures.

Material Cybersecurity Incident Scope [Text Block]

On October 15, 2025, Jewett-Cameron Trading Co. Ltd. (the “Company”) learned that a threat actor had gained unauthorized access to portions of the Company’s information technology (“IT”) environment and claimed to have unlawfully accessed certain Company information and data. The Company immediately activated its cyber incident response process to contain the intrusion, assess and investigate the incident and implement remedial measures. The Company also immediately notified law enforcement and retained external cybersecurity experts to assist. Based on its investigation to date, the Company believes that the cybersecurity incident consisted of unauthorized access and deployment of encryption and monitoring software by a third party to a portion of the Company’s internal corporate IT systems. The incident caused disruptions and limitation of access to portions of the Company’s business applications supporting aspects of the Company’s operations and corporate functions, which the Company voluntarily took offline as a precautionary measure. Based on the information reviewed to date, the Company believes the unauthorized activity has been contained and is working diligently to bring the impacted portions of its IT systems and individual computer devices back online.

Although the Company ascertained that certain information was exfiltrated, it is still investigating the extent of compromise of any sensitive information contained within the accessed IT systems. However, it is believed that the threat actors unlawfully accessed certain computer systems and exfiltrated images of video meetings and computer screens that may contain sensitive Company information. The threat actors have threatened to release this information publicly if the Company does not provide them with a monetary payment. The Company has taken additional cybersecurity measures in response to this incident including closing off the point of unlawful access and bolstering its cyber defensive capabilities. The Company believes that the costs associated with these activities will be largely covered by the Company’s cyber security insurance policy. However, due to the extended period that the Company has been and may continue to be offline, operations may be materially impacted, which may also impact the Company’s financial results for the first quarter of fiscal 2026.

Current analysis indicates that the data exfiltrated primarily relates to IT related information and financial information the Company has been gathering and analyzing over the past few weeks in preparation of filing with the Securities and Exchange Commission its Annual Report on Form 10-K for the fiscal year ended August 31, 2025, which the Company expects to release in mid-November.

As the investigation of the incident is ongoing, the full scope, nature and impact of the incident are not yet completely known. We have no current evidence that any personally identifiable information of any employees, customers, suppliers or vendors has been compromised, but our analysis and review of the potential compromised systems and data continues. The Company is bringing systems and devices online in a thoughtful and methodical manner in coordination with our cybersecurity experts and the ongoing investigation and expects to be at full operational capability shortly.