Global food and beverage giant Kraft Heinz, whose brand has become synonymous with ketchup, is investigating recent allegations of data theft made by a ransomware gang. The company, headquartered in Chicago, USA, is the fifth largest food and beverage manufacturer in the world, with annual sales of more than US$26 billion.
On Wednesday night, the Snatch ransomware group added the company to its leak site, claiming to have stolen an undisclosed amount of data. A Kraft Heinz spokesperson provided information to the The Record about what may have been attacked, but said the company is not dealing with any adverse effects. “Our internal systems are operating normally and we currently see no evidence of a broader attack.”
The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) highlighted the Snatch ransomware gang in September, warning that the hackers were based in Russia and are targeting organizations in the agriculture, IT and defense sectors.
The group, which has been operating since 2018, has made headlines in recent months for attacks on the South African Department of Defense, the Metropolitan Opera and Modesto City Hall in California. “Since mid-2021, Snatch operators have consistently evolved their tactics to take advantage of current trends in the cybercriminal space and have leveraged the operations successes of other ransomware variants,” the agencies said.
The group has also been seen purchasing data stolen by other ransomware gangs and extorting victims for more ransoms.
In previous attacks, which included the Volvo automaker, a Canadian airport and the Canadian Nurses Association, the gang, in addition to limiting services, stole millions of victims’ CPF numbers and identities. Several attacks on large food manufacturers have been carried out this year, although not all can be attributed to the group, including Sysco, Dole, Hershey, Mondelez and Canadian Maple Leaf Foods.
Source: CisoAdvisor
