Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
Dole Food Company, one of the world’s largest suppliers of fresh fruit and vegetables, has revealed that it has been hit by a ransomware attack that disrupted its operations.
The company is still looking into “the scope of the incident,” but for now, they’ve said that the impact is limited. The business has a workforce of around 38,000 people and generates $6.5 billion in annual sales.
Dole has hired third-party experts to assist with the mitigation and protection of the impacted systems, according to a statement posted on the company’s website. The incident has also been reported to law enforcement.
Dole plc announced today that the company recently experienced a cybersecurity incident that has been identified as ransomware. Upon learning of this incident, Dole moved quickly to contain the threat and engaged leading third-party cybersecurity experts, who have been working in partnership with Dole’s internal teams to remediate the issue and secure systems.
(…) While continuing to investigate the scope of the incident, the impact to Dole operations has been limited.
Dole Shut Down Production in North America
However, despite Dole’s attempt to downplay the incident, claiming that the impact was “limited”, a memo from a Texas grocery store that was posted on Facebook suggests otherwise: food giant Dole was forced to shut down its production plants in North America.
“Dole Food Company is in the midst of a cyberattack, and [we] have subsequently shut down our systems throughout North America. (…) Our plants are shut down for the day, and all shipments are on hold.”, reads the company’s notification to its partners.
The company’s notification to its partners
For more than a week, customers have been complaining about prepackaged Dole salad shortages on store shelves. Although the company did not specify the date of the attack, it is likely that the shortage was caused by a ransomware attack, explains Bleeping Computer.
The memo distributed to stores highlights Dole’s crisis management protocol, which includes the “Manual Backup Program.” This indicates that the company may resort to manual operations, which means that manufacturing and shipments will resume, though at a slower pace.
Dole’s official announcement on the ransomware incident is available here.
Update (March 24, 2023): Dole Confirms Ransomware Attack
Dole confirmed that the ransomware attackers in February gained access to the personal data of an unspecified number of employees.
We have in the past experienced, and may in the future face, cybersecurity incidents. In February of 2023, we were the victim of a sophisticated ransomware attack involving unauthorized access to employee information.
Upon detecting the attack, we promptly took steps to contain the attack, retained the services of leading third-party cybersecurity experts and notified law enforcement. The February 2023 attack had a limited impact on our operations.
The annual report Dole has filed with the U.S. Securities and Exchange Commission (SEC) is available here.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and YouTube for more cybersecurity news and topics.
Madalina, a seasoned digital content creator at Heimdal®, blends her passion for cybersecurity with an 8-year background in PR & CSR consultancy. Skilled in making complex cyber topics accessible, she bridges the gap between cyber experts and the wider audience with finesse.
