Ransomware Attack on Fairlife Halts Coca-Cola’s U.S. Dairy Production

Photo: BleepingComputer
Quick answer
A ransomware attack on Fairlife, a Coca-Cola subsidiary, temporarily halted U.S. dairy production.
Coca-Cola has reported a ransomware attack targeting its subsidiary Fairlife, a company specializing in ultra-filtered milk, protein shakes, and other dairy products. The incident was detected following unauthorized access to corporate systems, including production networks.
In a filing with the U.S. Securities and Exchange Commission (SEC), Coca-Cola stated that incident response protocols and business continuity plans were immediately activated. External cybersecurity consultants, law enforcement, and forensic experts have been engaged to investigate the breach.
While U.S. production at Fairlife facilities has been halted, the company assures that product quality and safety remain intact. Canadian operations continue to function without disruption. Coca-Cola notes that efforts to restore affected systems are underway, but the full impact of the incident is still being assessed.
It remains unclear whether any data was exfiltrated during the attack or if ransom demands were issued. No known ransomware groups have publicly claimed responsibility for the incident. Experts warn that if data was stolen, attackers may attempt to extort the company in the future.
Common questions
- What were the consequences of the ransomware attack on Fairlife?
- U.S. dairy production at Fairlife was temporarily suspended. The company confirmed that product quality and safety remained unaffected, but the investigation into the incident is still ongoing.
- Who could be behind the attack on Fairlife?
- No ransomware group has yet claimed responsibility for the attack. The company has not disclosed details, but attackers may attempt to extort the company if data was stolen.
- Were Fairlife’s Canadian facilities affected?
- No, production at Fairlife’s Canadian facilities continues to operate normally and was not impacted by the cyberattack.
Dzen feed: /feed/dzen.xml · RSS: /feed.xml