Dole confirms employee data leaked in ransomware attack
SEC filing claims attackers accessed Dole employee data
A recent ransomware attack against food giant Dole resulted in hackers managing to steal the sensitive data of an unknown number of its employees, the company has confirmed.
“We have in the past experienced, and may in the future face, cybersecurity incidents,” a filing with the U.S. Securities and Exchange Commission (SEC) from the company says. “In February of 2023, we were the victim of a sophisticated ransomware attack involving unauthorized access to employee information.”
The details are scarce, and we don’t yet know what kind of information was taken, or from how many employees, but Dole operates in more than 75 countries and employs almost 40,000 workers.
"Limited" attack
The company revealed in February 2023 that it hadsuffered a ransomware attack with “limited” impact on its operations.
“Our plants are shut down for the day, and all shipments are on hold,” the announcement had said.
Still, further investigations discovered that the company was forced to temporarily suspend some of its operations as a result. For example, a Texas grocery store memo that was posted on Facebook said the company halted its production plants in North America and suspended shipments.
“Dole Food Company is in the midst of a cyberattack, and [we] have subsequently shut down our systems throughout North America,” the memo said.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Despite the ransomware attack being almost a month old, there is no information about the threat actor, as no one has yet claimed responsibility, or announced the attack on their data leak website. It’s also unknown which encryptor was used, or if malware was used to compromise company networks and endpoints.
Some media are speculating that a shortage of prepackaged Dole salads, which was observed a week before the announcement of the ransomware attack, could be linked. As per the memo, Dole was looking to deploy a “Manual Backup Program”, which probably means it had to switch to manual operations.
- Here's the list of the best malware removal software right now
Via: BleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.