Kraft Heinz investigates cyber attack claims but internal systems ‘functioning normally’

The Kraft Heinz company said it is investigating recent allegations of data theft made by a ransomware gang.

The Chicago-based company is the third largest food and beverage company in North America and the fifth largest in the world, with annual revenue of more than $26 billion in 2021.

Wednesday evening, the Snatch ransomware gang added the company on its leak site, claiming to have stolen an undisclosed amount of data.

A Kraft Heinz spokesperson provided more information about what might have been attacked, but said the company was not experiencing any negative effects.

“We are looking into claims that a cyberattack took place several months ago on a decommissioned marketing website hosted on an external platform, but we are currently unable to verify these claims,” the spokesperson said.

“Our internal systems are operating normally and we currently see no evidence of a broader attack.”

The spokesperson did not respond to follow-up questions about the ransom payment.

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) shed light on the Snatch ransomware gang in September, warning that the hackers were based in Russia and targeting organizations in the agriculture, IT and defense sectors.

The group has existed in various forms since 2018, but has made headlines in recent months due to attacks on South African Department of DefenseTHE Metropolitan Opera and the city government of Modesto, California.

“Since mid-2021, Snatch threat actors have consistently evolved their tactics to take advantage of current trends in cybercrime and capitalize on the successful operations of other ransomware variants,” the report states. the agencies said. “Runoff threat actors have targeted a wide range of critical infrastructure sectors, including the defense industrial base (DIB), food and agriculture, and information technology sectors . »

The group has also been seen buying data stolen by other ransomware gangs and extorting victims for additional ransoms.

The gang devastated a Wisconsin school district network in October 2022 and attracted attention of the US Senate after stealing the sensitive data of more than 1.2 million patients during a attempted ransomware attack in May at one of Florida’s largest hospitals.

In addition to limiting services, the gang stole millions of Social Security numbers and IDs from their victims, including car manufacturer VolvoA Canadian airport and the Canadian Nurses Association.

There have been several attacks on major food manufacturers in 2023, with cyberattackers targeting supply chain pressure points in the hope of extracting large ransoms. Sysco, Alms, Hershey, MondelezAnd Maple Leaf Foods of Canada have all faced data theft incidents this year.

Jonathan Greig is a breaking news reporter at Recorded Future News. Jonathan has worked as a journalist around the world since 2014. Before returning to New York, he worked for media outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.