Americold Hit by Ransomware Attack Impacting 130,000 Individuals
In a shocking revelation, Americold, the world’s largest publicly traded real estate investment trust specializing in temperature-controlled warehouses, fell victim to a ransomware attack in April. The attack, affecting nearly 130,000 individuals, compromised sensitive information of current and former employees, as well as their dependents. Americold, based in Atlanta, recently disclosed this cybersecurity incident in a breach report submitted to regulators in Maine.
Nature of the Attack
Although Americold did not explicitly term it a ransomware attack, the breach involved the deployment of malware on certain systems. The incident came to light on April 26, prompting Americold to take immediate measures, including taking operations offline to secure systems and minimize disruption.
Following an extensive investigation that concluded on November 8, it was revealed that the compromised information included names, addresses, Social Security numbers, driver’s license/state ID numbers, passport numbers, financial account information, and employment-related health insurance and medical details.
During the attack in April and May, customers reported disruptions, with Americold instructing them to cancel or reschedule deliveries, except for those involving critical perishable products. The incident led to operational challenges, including phone system outages and restricted access to facilities.
Americold promptly reported the incident to the Securities and Exchange Commission, emphasizing their commitment to securing systems and minimizing disruptions. The company’s thorough investigation aimed to assess the extent of the breach and safeguard the affected individuals.
Previous Cybersecurity Incidents
This marks the second cyberattack on Americold, following a previous incident in November 2020. In July, the company surfaced on the leak site for the Cactus ransomware gang, known for exploiting vulnerabilities in VPN appliances and impacting industrial organizations.
Cactus Ransomware Gang Background
The Cactus ransomware gang, implicated in the attack, gained notoriety for using malware distributed through online advertisements to infect victims. The gang has increasingly targeted industrial organizations, impacting industrial control systems equipment, manufacturing, and engineering sectors.
Americold’s prominence as a major player in temperature-controlled warehouses raises concerns about the broader impact on food producers, distributors, and retailers relying on the company’s services.
As cybersecurity threats continue to evolve, the Americold ransomware attack underscores the importance of robust cybersecurity measures across industries. The incident serves as a reminder for organizations to remain vigilant, invest in cybersecurity infrastructure, and collaborate to mitigate potential risks and protect sensitive data. Stay tuned for further developments on this significant breach.