
The Coca-Cola Company disclosed today that a ransomware attack impacting its Fairlife dairy subsidiary has disrupted operations, temporarily suspending production of Fairlife products across the United States.
In a Form 8-K filing with the U.S. Securities and Exchange Commission (SEC), Coca-Cola said Fairlife detected unauthorized access to some of its systems, including its production-related systems, in connection with a ransomware attack.
"After detecting the issue, the Company promptly activated its incident response and business continuity protocols," Coca-Cola said in the filing.
"The Company's investigation and assessment of the impact of the incident is ongoing, with the assistance of outside advisors and cybersecurity experts. The Company has also notified law enforcement."
The company said product quality and safety have not been affected by the ransomware attack.
However, it confirmed that production at Fairlife's U.S. facilities has been temporarily suspended while the company responds to the incident and restores impacted systems.
Canadian production operations are not currently affected.
Coca-Cola says it is working to restore affected systems and resume operations, but the full impact of the incident is being investigated.
Due to this, it has not yet been determined whether the cyberattack is reasonably likely to materially affect the Company
If you have any information regarding this incident or other undisclosed attacks, you can contact us confidentially via Signal at 646-961-3731 or at [email protected].
Fairlife is one of Coca-Cola's dairy brands and produces ultra-filtered milk products, protein shakes, and nutrition drinks sold in the United States.
The company's products include Ultra-Filtered Milk, Core Power Protein Shakes, and Nutrition Plan.
At this time, Coca-Cola has not disclosed whether any data was stolen during the attack, whether the company is being extorted, or which ransomware operation is responsible.
No ransomware gang has claimed responsibility for the attack at this time. If data was stolen during the intrusion, the attackers will likely attempt to extort the company later by threatening to publish it unless a ransom is paid.
When BleepingComputer contacted Coca-Cola to ask whether the attackers stole data, whether the company had received an extortion demand, and which ransomware gang was behind the attack, a spokesperson said the company had nothing additional to share beyond its public statement.
Test every layer before attackers do
Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.
The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.
Get the whitepaper