Kellogg is the latest victim of a long list of companies impacted by Clop's Cleo zero-day attacks, with the threat actors gradually disclosing additional victims and stolen data samples several months after the incident. The previous disclosure came on March 18 by Arizona-based Western Alliance Bank, which informed 22,000 customers their personal data had been stolen in an October 2024 breach of Cleo's secure file transfer software. US food giant WK Kellogg Co is warning employees and vendors that company data was stolen during the 2024 Cleo data theft attacks. Kellogg says it worked closely with Cleo to identify the security measures it implemented to address last year's breach and prevent similar incidents from occurring in the future. Bill Toulas Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks. Although the company does not specifically mention Clop or the data theft attacks, the date of the reported incidents coincides with the wave of attacks that occurred in December 2024. Furthermore, the breach notifications come soon after the Clop ransomware gang listed WK Kellogg on their data leak extortion site. This attack leveraged two zero-day flaws tracked as CVE-2024-50623 and CVE-2024-55956, allowing the threat actors to breach servers and steal data. The data breach notification shared with the authorities says the exposed data includes a person's name and social security number. Cleo software is a managed file transfer utility that was targeted by the Clop ransomware gang en masse at the end of last year. "WK Kellogg learned on February 27, 2025, that a security incident may have occurred involving Cleo," reads the notice.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 07 Apr 2025 16:00:08 +0000