MAZE Claims Ransomware Attack on US Egg Supplier

The threat group MAZE has published what it claims is data stolen from a Minnesota egg supplier during a ransomware attack.

On their website mazenews.top, the threat group lists Sparboe Companies among a growing number of organizations it claims to have targeted recently.    

According to MAZE, egg producer and supplier Sparboe was cracked into on May 1, 2020. As proof of the attack, the threat group has shared a zip file of data it claims was exfiltrated from Sparboe's systems. 

The zip file contains 17 folders of what appears to be information on current and former employees, nest-run inventory, expense report, injury reports, dock schedules, and other data.

In what could be an ominous indicator of how much data has allegedly been swiped from the company, the zip file is named simply "part1."

"It’s impossible to say exactly what data may have been obtained in these incidents," commented Emsisoft's Brett Callow. "The initial data dump is typically simply a warning shot—or the equivalent of a kidnapper sending a pinky finger." 

Sparboe Companies did not confirm or deny the alleged ransomware attack by MAZE and is yet to respond to a request for comment.  

The business was hatched in 1954 by Bob Sparboe in central Minnesota as a chick distribution company. The company grew to become the fifth largest supplier of eggs in the United States in the early 2010s. 

Sparboe's reputation was tarnished in November 2011 when an animal rights group published a video of conditions in hen housing owned by the company. Footage shot in Minnesota, Iowa, and Colorado depicted crowded cages sadly common in the industry and also incidences of animal cruelty.

One worker was seen pressing down on a chick's neck until it broke while another was captured swinging a chicken about by a rope or chain. 

Confronted with the video, a Sparboe spokesperson said: "Acts depicted in the footage are totally unacceptable and completely at odds with our values as egg farmers." Nevertheless, the company was dropped as a supplier by McDonald's, Target Corp., Lund's, Byerly's, and other major grocery chains.

What’s Hot on Infosecurity Magazine?