A ransomware attack in April on cold storage giant Americold affected nearly 130,000 people, the company has announced.
In a breach report to regulators in Maine on Friday, Atlanta-based Americold confirmed that hackers had breached its systems on April 26 and accessed the information of current and former Americold employees as well as their dependents.
Its investigation concluded on November 8, with investigators finding that names, addresses, Social Security numbers, driver's license/state ID numbers, passport numbers, financial account information, and employment-related health insurance and medical information were leaked.
Americold is the world's largest publicly traded real estate investment trust focused on temperature-controlled warehouses.
The company controls 250 warehouses across the world - most of which are used by food producers, distributors and retailers.
In April and May, customers took to Reddit to confirm that the company was telling them to cancel or reschedule deliveries except for those involving critical perishable products, according to the memo seen by Bleeping Computer.
This is the second cyberattack Americold has faced after another incident in November 2020.
In July, the company appeared on the leak site for the Cactus ransomware gang, which has made waves in recent weeks following reports from Microsoft that the group is using malware distributed through online advertisements to infect victims.
Cybersecurity researchers previously told BleepingComputer that Cactus emerged in March and focused on exploiting vulnerabilities in virtual private network appliances to gain initial access to the networks of large companies.
Incident response firm Dragos also said it is increasingly seeing Cactus ransomware used in attacks on industrial organizations, impacting industrial control systems equipment, and the manufacturing and engineering sectors.
The gang was responsible for 16 attacks on industrial entities tracked by Dragos in the third quarter of 2023 - representing about 7% of all attacks.
Kentucky healthcare giant says 2.5 million people affected by May ransomware attack.
Jonathan has worked across the globe as a journalist since 2014.
Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia.
He previously covered cybersecurity at ZDNet and TechRepublic.
This Cyber News was published on therecord.media. Publication date: Mon, 11 Dec 2023 22:10:10 +0000