July 20, 2023
Campbell Soup disclosed an “IT-related complication” at a factory in Napoleon, Ohio. The company told station WTOL that impacted systems had been restored and operations would be back to normal. The Toledo Blade reported the plant was offline for three days and employees were temporarily sent home.
The attack had a limited impact on the company’s business and the company considers the disruption nonmaterial.
January 19, 2023
PurFoods, a U.S. producer of medically-tailored home-delivered meals, disclosed a data breach affecting over 1.2 million people. The incident occurred in January but was not discovered until February, the company said. Customers were notified late last week that their data had been compromised. PurFoods also notified federal law enforcement about the incident.
During the investigation, which is still ongoing, the company found out that certain files in its network were encrypted. It also identified the presence of tools that could be used for data exfiltration, adding that it’s possible that data was stolen from one of its file servers.
January 13, 2023
KFC, Pizza Hut, and Taco Bell parent company Yum! Brands confirmed a ransomware attack that leaked company data and shut down restaurants in the United Kingdom.
Yum! quickly mitigated the ransomware attack, and all outlets resumed operations within 24 hours.
“With the ransomware being contained to a third of Yum! Brands UK outlets and the downtime being limited to 1 day – Yum! Brands have done relatively well recovering,” said Morten Gammelgard EVP, EMEA at BullWall. “The average amount of downtime for organizations when hit by Ransomware is approximately 24 days.”
Breach notification letters were sent to affected people starting Thursday 6 April. Yum! Brands revealed that it has “now found out the attackers stole some individuals’ personal information, including names, driver’s license numbers, and other ID card numbers.”
January 14, 2023
Global food distributor, Sysco fell victim to a “cybersecurity event” at the beginning of the new year where the attacker gain information on workers and the company.
Sysco said in a 10-Q report, “on March 5, 2023, Sysco became aware of a cybersecurity event perpetrated by a threat actor believed to have begun on January 14, 2023. Immediately upon detection, Sysco initiated an investigation, with the assistance of cybersecurity and forensics professionals.
“The investigation determined that the threat actor extracted certain company data, including data relating to operation of the business, customers, employees and personal data. This data extraction has not impacted Sysco’s operational systems and related business functions, and its service to customers continued uninterrupted.”
The incident affected 126,243 people. It took the company just under two months to discover the breach. They notified victims earlier this month. In essence from breach to notifying victim, it took the company almost five months.
November 6, 2022
Maple Leaf Foods has confirmed that it was struck by ransomware. The company stated that it will not pay any ransom. And expects “full resolution of the outage will take time and result in some operational and service disruptions.” “The outage is creating some operational and service disruptions that vary by business unit, plant and site.” This confirmation comes after the Black Basta ransomware gang listed Maple Leaf Foods as one of its victims. IT World Canada reached out to confirm if Black Basta was responsible for the ransomware attack. A Maple Leaf Food representative said that the company “won’t dignify criminals by naming them.”
UPDATE: On March 9, four months after the incident, the company released the financial results that showed the attack costing over US$16,5M. Maple Leaf Foods President and Chief Operating Officer Curtis Frank said: “We are immensely proud of how our team responded in the face of this crisis. In less than 48 hours, we were able to pivot our organization to operate in a fully manual process, basically going back to paper and pencils. With remarkable pace, our information systems team cleaned, rebooted and restored our systems, allowing us to start back on the road to recovery.”
October 5, 2022
HiPP, a Pfaffenhofen, Bavaria based baby food manufacturer was hit by a cyber attack which affected it IT and OT systems. The company sells its baby food worldwide. The company was not forthcoming with many details as to the nature of the attack, but the Central Office for cybercrime Bavaria (ZCB) was involved in the investigation into the incident. Production was halted for days after the incident, and over 1,000 employees were not able to work and sent home.
December 11, 2022
Fruttagel, an Agricultural Cooperative Company from Ravenna, suffered an external computer attack. The attack partially and temporarily compromised the company information systems. “The company – reads the note – promptly activated all the emergency procedures, resorting to the expertise of the personnel and cybersecurity experts. However, it was not possible to avoid huge production damages, with the consequent temporary impossibility to send the its products to all customers. The IT system check and recovery times will take a few days, with the hope of being able to restart shipping activities on Thursday 15 December”.
“What happened, despite our prompt reaction, is making it impossible to carry out all the production activities and to follow up with the shipment of the packaged products, with considerable damage for the company and obviously for our customers” – says Stanislao Fabbrino, managing director of Fruttagel -.
On January 7, BlackCat/ALPHV published more than 720 gigabytes of corporate data, listing it includes financial and corporate documents, customer data, contracts with companies like IKEA, PepsiCO, etc. SGS certificates, private date, GDPR files, employee contacts, management, large customer base with global companies. Drawings of the company’s products.
November 26, 2022
The Cobolux company fell victim to a cyberattack on November 25. As a result the computers were paralyzed and it was no longer possible to label the products. “Our computer scientists worked all weekend and made it possible for us to continue working on Monday morning,” explains the general manager “We were able to stop production and deboning of the slaughtered animals,” says Faltz, which prevented damage to the meat. Since operations are generally at a standstill on Sundays, there was only a loss of production on Saturday.
Almost three months later, the bills have skyrocketed. “The damage was already over 100,000 euros at the time and is now estimated at between 400,000 and 500,000 euros,” says Paul Faltz. “Production failures, the network and the ERP software had to be restored, lost data re-encrypted and investments made in an even more secure IT structure. All of these are the consequences of the attack.”
The company supplies meat to butcher shops, supermarkets and restaurants throughout Luxembourg and greater region.
August 6, 2022
The Bulgarian Food Safety Agency (BFSA) is unable to provide electronic services because the Agency’s website and servers have come under a cyber attack, the BFSA said in a press release on Monday. The attack was detected on August 6, and the BFSA’s full range of functionalities and services are currently inaccessible.
Work is underway to restart the electronic services. The cyber attack does not affect the operation of Bulgarian border checkpoints, the BFSA specified.
March 24, 2022
On March 24 a cyberattack was conducted on Tavr, a major Russian food processing group in the Rostov region. As per the official company statement, the company business processes, including production, were temporarily paralyzed and a significant economic loss was recorded. A company representative assessed the event as “meticulously planned and significant sabotage”. Currently, the company’s activities are carried out in a limited mode.