Sysco, Global Food Distributor, Hit in Cyberattack

May 22, 2023

INCIDENT

Global food distributor, Sysco fell victim to a “cybersecurity event” at the beginning of the new year where the attacker gain information on workers and the company.
Sysco said in a 10-Q report, “on March 5, 2023, Sysco became aware of a cybersecurity event perpetrated by a threat actor believed to have begun on January 14, 2023. Immediately upon detection, Sysco initiated an investigation, with the assistance of cybersecurity and forensics professionals.
“The investigation determined that the threat actor extracted certain company data, including data relating to operation of the business, customers, employees and personal data. This data extraction has not impacted Sysco’s operational systems and related business functions, and its service to customers continued uninterrupted."
The incident affected 126,243 people. It took the company just under two months to discover the breach. They notified victims earlier this month. In essence from breach to notifying victim, it took the company almost five months.

Incident Date

January 14, 2023

Estimated Cost

Unknown at this time. But the incident affected 126,243 people.

Victims

Type of Malware

No Malware identified

Threat Source

No threat source identified