Ransomware, Threat Management

Dole now says February attack spilled employee data

crippling cyberattack against Dole Food Company
A ransomware attack against food giant Dole delayed North American shipments of salad kits leading to shortages. (Photo by Justin Sullivan/Getty Images)

Data tied to a crippling cyberattack against Dole Food Company, which resulted in a reported temporary shutdown of its North American production facilities, included employee personal identifiable information. In a Wednesday Dole Securities and Exchange Commission (SEC) filing, the food giant disclosed the ransomware attack involved the unauthorized access to employee information.

According to a SEC regulatory (20-F) disclosure on Wednesday Dole stated the attack “involved unauthorized access to employee information.”

“In February of 2023, we were the victim of a sophisticated ransomware attack,” according to Dole. “The February 2023 attack had a limited impact on our operations.”

On Feb. 22, when the Dole ransomware attack was first made public, CNN reported that Emanuel Lazopoulos, senior vice president at Dole's Fresh Vegetables division, sent a memo on Feb. 10 memo to retailers stating "Dole Food Company is in the midst of a Cyber Attack and have subsequently shut down our systems throughout North America."   

Dole hasn’t disclosed any additional details tied to the attack or specifics on the type of employee data exfiltrated.

An image of a Dole memo posted to social media on Feb. 17 by a Stewart's Food Store, in Olney, Texas stated a cyberattack against Dole shut down systems and put shipments on hold. CNN reported grocery stores were unable to receive Dole Chopped Sesame to Dole Butter Bliss salad kits.

In related efforts to prevent attacks on food distribution networks, a December alert issued by the Federal Bureau of Investigation, the Food and Drug Administration Office of Criminal Investigations and the U.S. Department of Agriculture, warned of an uptick in attacks.

It stated that federal agencies have “recently observed incidents of criminal actors using business email compromise (BEC) to steal shipments of food products and ingredients valued at hundreds of thousands of dollars.”

Avishai Avivi, chief information security officer at SafeBreach, pointed out that although little information has been provided about the actual breach, based on Dole's action to shut down its system across North America, Avivi believes that the breach involved lateral movement. Avivi said this action indicates either poor segmentation of Dole's networks, or the attack hit a core service shared throughout the North American systems. “Considering Dole's organized response, I would lean toward the latter,” said Avivi.

No information has been reported on the details of a ransom note or data exfiltration threat.

Related

Action needed amid escalating ransomware attacks, record-high payments

With ransomware payments exceeding $1 billion for the first time last year amid an almost 18% increase in ransomware attack prevalence between 2022 and 2023, the Institute for Security and Technology's Ransomware Task Force has called for the accelerated implementation of its nearly 50 recommendations in combating ransomware attacks, only half of which have been addressed over the last three years, Cybernews reports.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.