Kraft Heinz (NASDAQ: KHC), the third-largest food and beverage company in North America and the fifth-largest globally, is currently investigating claims of a cyberattack made by the Snatch ransomware gang. The attack was brought to light when Snatch added Kraft Heinz to its leak site, asserting that they had successfully stolen undisclosed data. Despite these claims, Kraft Heinz maintains that its internal systems are operating normally and that there is no evidence of a broader attack.
The cyberattack is reported to have occurred several months ago on a decommissioned marketing website hosted on an external platform. However, Kraft Heinz is currently unable to verify the legitimacy of these claims. The company spokesperson revealed that they are reviewing the situation but emphasized the lack of adverse effects on their operations.
Why it matters: Snatch ransomware has been in the cybersecurity spotlight, with the FBI and Cybersecurity and Infrastructure Security Agency (CISA) highlighting the group’s activities in a joint advisory in September. The advisory, which provides detailed mitigation measures, links Snatch to Russia and notes its targeting of sectors such as agriculture, IT, and defense.
Snatch ransomware is known for its double-extortion tactics, wherein it not only encrypts data but also threatens to leak it unless a ransom is paid. While the gang claimed responsibility for the attack on Kraft Heinz, it has not provided any proof or screenshots to validate its assertions, a common tactic used to pressure organizations into paying ransom.
- Kraft Heinz joins the ranks of Sysco, Dole, Hershey, Mondelez, and Canada’s Maple Leaf Foods, all of which have faced data theft incidents this year. These attacks on critical points in the supply chain underscore the vulnerabilities of the food industry to cyber threats.
- The nature of Snatch’s tactics, demonstrated by its consistent adaptation to current trends in the cybercriminal space, poses an ongoing challenge for cybersecurity efforts. The group’s involvement in high-profile incidents underscores the need for organizations to remain vigilant against sophisticated cyber threats.
- This attack highlights the importance of cybersecurity measures, especially as threat actors like Snatch continue to evolve their tactics, posing a persistent risk to organizations across various sectors.
Go Deeper –> Kraft Heinz investigating possible cyberattack – Yahoo Finance
Snatch ransomware attack claims probed by Kraft Heinz – SC Media
Kraft Heinz reviewing claims of cyberattack but internal systems ‘operating normally’ – The Record