Food production giant Dole says February ransomware attack compromised employees' personal data

Ireland-based fresh food production giant Dole has admitted that a recent ransomware attack targeting its systems compromised the sensitive personal information of its employees.

Headquartered in Dublin, Ireland, Dole is among the world’s largest producers of fruit and vegetables, running more than 250 processing plants and distribution centres worldwide. The company earned a revenue of $6.5 billion in 2021 and employs nearly 40,000 people in several countries.

In a press release published last month, the company said that it experienced a ransomware attack that affected its daily operations. The company immediately launched an investigation with assistance from forensic experts to fix the issue and secure its systems.

Emanuel Lazopoulos, the senior vice president of Dole’s Fresh Vegetables division, wrote in a memo to retailers on February 10 that the company was “in the midst of a Cyber Attack and have subsequently shut down our systems throughout North America.”

“Our plants are shut down for the day and all our shipments are on hold. Please bear with us as we navigate our way and hopefully, we will minimize this event,” the memo read.

The food production giant said that it also notified all relevant law enforcement authorities about the ransomware attack.

In a recent filing with the U.S. Securities and Exchange Commission (SEC), Dole said that threat actors behind the ransomware attack it experienced in February gained unauthorised access to its employees’ data.

“In February of 2023, we were the victim of a sophisticated ransomware attack involving unauthorised access to employee information. Upon detecting the attack, we promptly took steps to contain the attack, retained the services of leading third-party cybersecurity experts, and notified law enforcement,” Dole said in the filing.

Dole is yet to comment on whether the company has identified the threat actor behind the ransomware attack or how many individuals were affected by the security incident.

Commenting on the news, Erfan Shadabi, Cybersecurity Expert at comforte AG, said, “Looking at the attack that affected the Dole Food Company, we should be mindful of the fact that some threat actors initiate cyber-attacks simply for the chaos they sow. Of course, ransomware attacks depend on spreading as much confusion and fear as possible to disrupt operations and force the targeted organization into a desperate mindset. We saw a similar situation with various incidents in 2021 and 2022.

“If you’re trying to take away a “lesson learned” from this incident, does it really matter what threat actors’ ultimate goals were, whether financial gain, pure chaos, weaponizing sensitive information, or all of the above? Assume that if your organisation is targeted, hackers will go after your most sensitive data first and foremost. They will try to bring down the operational environment and disrupt your business as much as possible. The answer is vigilance and adopting the assumption that you are next.

“Protect your enterprise data not just with enhanced perimeter security but with data-centric security such as tokenization applied directly to that data. Have a clear incident response plan in place that outlines the steps to be taken in the event of a ransomware attack, and lastly, reduce any implicit trust of an entity or user based on location within the network down to zero: challenge, verify, and challenge again,” Shadabi added.