An April ransomware attack against Americold, one of the largest refrigerated cargo operators in the world, affected almost 130,000 people, the company announced. In a breach report sent on Friday to regulators in the state of Maine, located in the New England region, USA, Atlanta-based Americold confirmed that hackers breached its systems on April 26 and accessed information from current and former employees, as well as their dependents.
While the company did not explicitly call it a ransomware attack, it admitted that the cybersecurity incident “involved the deployment of malware on certain systems.”
The investigation concluded on November 8, with investigators discovering that names, addresses, Social Security numbers, driver’s license/state ID numbers, passport numbers, financial account information, and medical and health insurance information related to the jobs were leaked.
The company initially reported the incident to the U.S. Securities and Exchange Commission (SEC) on April 26, saying it “took operations offline to protect its systems and reduce disruption to its business and customers.”
Americold, which in Brazil operates under the corporate name Americold Brasil Participações, controls 250 temperature-controlled warehouses around the world, the majority of which are used by food producers, distributors and retailers.
In April and May, customers took to Reddit to confirm that the company was advising them to cancel or reschedule deliveries except those involving critical perishables, according to the memo to which the Bleeping Computer had access.
This is the second cyberattack Americold has faced following another incident in November 2020. In July, the company appeared on the leak site for the Cactus ransomware gang, which has caused controversy in recent weeks following reports from Microsoft that the group is using malware distributed through online advertisements to infect victims.
Cybersecurity researchers said Cactus emerged in March and focused on exploiting vulnerabilities in virtual private network devices to gain initial access to large companies’ networks.
Incident response firm Dragos also said it has increasingly seen ransomware being used in attacks on industrial organizations, impacting industrial control systems, equipment, and the manufacturing and engineering sectors. The gang was responsible for 16 attacks on industrial entities tracked by Dragos in the third quarter of this year, representing around 7% of all attacks.
Source: CisoAdvisor
