Threat actors breached Pepsi Bottling Ventures LLC's network and successfully installed info-stealing malware.
The incident happened on or around December 23rd, 2022, and the team discovered it 18 days later, on January 10th, 2023.
It took the IT team another 9 days to remediate the breach and secure the system. That gave the attackers around 27 days to exploit the breach.
The company alerted the authorities and stated, in a sample security incident notice, that:
Based on our preliminary investigation, an unknown party accessed [our internal IT systems] on or around December 23, 2022, installed malware, and downloaded certain information contained on the accessed IT systems.
We took prompt action to contain the incident and secure our systems. While we are continuing to monitor our systems for unauthorized activity, the last known date of unauthorized IT system access was January 19, 2023.
What the Pepsi Data Breach Puts at Risk
According to Pepsi's investigation, the data breach exposed names, home and email addresses, IDs, and driver's license numbers. The incident also exposed financial account information, like passwords, PINs, and access numbers, as well as extremely sensitive data, like ID cards, social security numbers, passport information, digital signatures, etc.
At the moment, it is not clear how many people's data was impacted by the malware attack, or whether the stolen data belongs to employees, customers, or both. This is serious because, apart from phishing attacks, threat actors could try to use the data for identity theft.
Mitigation Measures
After discovering the incident, the company enforced additional network security measures:
- They reset all company passwords.
- They suspended all affected systems.
- The company continued checking for more potentially affected records and systems.
The company also urged customers to change their username(s), password(s), and security question answer(s), and take the necessary measures to protect any other accounts that used the same data.
To mitigate the identity theft risk, the company also offers free identity monitoring services for one year.