A fresh produce multinational based in Ireland has revealed that employee data was compromised in a ransomware breach that hit the firm in February.
Dole employs nearly 38,000 staff across 30 countries and posted revenue of $9.2bn last year, making it an attractive target for online extortionists.
Read more about ransomware: No Major Spike in Reported Ransomware in 2022.
It revealed on February 22 that the firm has “recently” experienced a ransomware attack which had “limited” impact on operations. Little more detail was given at the time while the firm investigated the scope of the incident.
However, a new filing with the Securities and Exchange Commission (SEC) yesterday had more.
“In February of 2023, we were the victim of a sophisticated ransomware attack involving unauthorized access to employee information,” it revealed. “Upon detecting the attack, we promptly took steps to contain the attack, retained the services of leading third-party cybersecurity experts and notified law enforcement.”
The firm didn’t reveal how many employees were impacted by the breach, but if hackers were able to exfiltrate personal information it may increase the costs associated with the incident.
“As cybersecurity attacks are becoming increasingly sophisticated and more frequent, our preventative measures and incident response efforts may not be entirely effective,” Dole admitted in the SEC filing.
“We have invested in security safeguards to reduce the risks to our networks, systems and data, but there is no assurance that our efforts will prevent cybersecurity attacks or disruptions.”
Although the fresh fruit and vegetable giant claimed to the SEC that the incident had a “limited impact” on its operations, reports at the time suggested that the firm was temporarily forced to shut down production plants in North America and halt deliveries to stores.
Some shoppers complained on social media that they were missing products like its salad kits, according to CBS.
Editorial image credit: T. Schneider / Shutterstock.com