Major Cold Storage Company Americold Reveals Data Breach Following Devastating April Malware Attack
Cold storage giant Americold has disclosed a data breach following an April malware attack. The breach reportedly impacted employee and customer information, but the extent of the damage remains unclear. The incident has raised concerns about the potential disruption of the cold supply chain amid the COVID-19 vaccine rollout.
As someone who cares deeply about cybersecurity, I want to share a recent incident that highlights the importance of safeguarding your data. Cold storage and logistics giant Americold recently confirmed that over 129,000 employees and their dependents had their personal information stolen in an April attack, which was later claimed by Cactus ransomware.
Americold is a massive company, employing 17,000 people worldwide and operating temperature-controlled warehouses all over North America, Europe, Asia-Pacific, and South America. The April network breach led to an outage affecting the company’s operations after Americold was forced to shut down its IT network to contain the breach and “rebuild the impacted systems.”
But the damage didn’t stop there. In a private memo issued after the attack, Americold also had to tell customers to cancel all inbound deliveries and reschedule outbound shipments, except for those deemed critically time-sensitive and nearing expiration. In notification letters sent on December 8 to 129,611 current and former employees (and dependents) affected by the data breach, the company revealed that the attackers were able to steal some data from its network on April 26.
Imagine this happening to you, your personal information at risk: your name, address, Social Security number, driver’s license/state ID number, passport number, financial account information (such as bank account and credit card numbers), and employment-related health insurance and medical information. That’s what happened to these individuals.
As if that wasn’t enough, Americold also suffered a cyberattack in November 2020, which impacted its operations, phone systems, email services, inventory management, and order fulfillment. The company has yet to confirm whether that was a ransomware attack, and the ransomware group responsible for the November 2020 attack remains unknown.
Who is behind the April attack?
Although the company didn’t connect the April 2023 incident to a specific ransomware operation, the Cactus ransomware operation claimed the attack on July 21. The group also leaked a 6GB archive of accounting and finance documents allegedly stolen from Americold’s network, including private and confidential information. Furthermore, the ransomware group plans to release human resources, legal, company audit information, customer documents, and accident reports.
Cactus ransomware is a relatively new operation that surfaced in March this year with double-extortion attacks, first stealing data to use as leverage in ransom negotiations and then encrypting compromised systems.
So, what can we learn from this? Cybersecurity is more important than ever. We can’t emphasize enough how crucial it is for companies and individuals alike to take every precaution to protect their data. And that’s where we come in: IT Services is here to help you navigate the complex world of cybersecurity.