Clorox has confirmed that a September 2023 cyberattack has so far cost the company $49 million in expenses related to the response to the incident.
Clorox is an American manufacturer of consumer and professional cleaning products with 8,700 employees and almost $7.5 billion in revenue for 2023.
On August 11th, Clorox suffered a cyberattack that caused significant disruption in the company's operation, leading to lowered production and decreased availability of consumer products.
In an earnings report filed with the SEC on Thursday, Clorox disclosed it incurred $49 million in expenses related to the cyberattack by the end of 2023.
The company has acknowledged that they are still working to recover from the attack but expects to incur lessening costs related to the cyberattack in the future.
Johnson Controls International also confirmed this week that a September 2023 ransomware attack cost the company $27 million in expenses, leading to a data breach after hackers stole corporate data.
While Clorox has not provided many details about their attack, Bloomberg reported that it is believed to have been conducted by the hacker collective known as Scattered Spider.
Scattered Spider is a loose-knit group of threat actors, many of them English-speaking, who specialize in social engineering attacks to breach a company's networks.
What makes Scattered Spider so unusual is they are also affiliates of the BlackCat/ALPHV ransomware gang, who usually only work with Russian-speaking threat actors.
Scattered Spider has been previously linked to attacks on MGM, Caesars, DoorDash, and Reddit.
MGM casino's ESXi servers allegedly encrypted in ransomware attack.
BTC-e server admin indicted for laundering ransom payments, stolen crypto.
FTC orders Blackbaud to boost security after massive data breach.
Interpol operation Synergia takes down 1,300 servers used for cybercrime.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Sat, 03 Feb 2024 21:40:05 +0000