The Dairy Farmers of America Confirms Data Breach Affecting Employees and Members

The Dairy Farmers of America reported that in June, cybercriminals infiltrated its internal systems, compromising and gaining access to the personal information of both employees and cooperative members.

 

The Dairy Farmers of America is a U.S.-based, farmer-owned milk cooperative and one of the nation’s largest dairy processors. It represents thousands of farmers, marketing raw milk and selling diverse dairy products and ingredients to buyers domestically and abroad.

 

In a data security incident notice filed with the Office of Maine Attorney General, DFA said that on June 13, it identified unauthorised access within its internal network. The company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

It also took steps to secure the affected systems and notified relevant law enforcement authorities about the same.

 

“Beginning on June 11, 2025, an unauthorised third party gained access to our network through a sophisticated social engineering campaign, which led to the unauthorised access and exfiltration of company data, including personal information,” DFA said.

 

The compromised data included  names, Social Security numbers, driver’s license or state

issued ID numbers, dates of birth, bank account numbers, and Medicare or Medicaid numbers. The filing with the Maine state regulator’s office also states that DFA has identified at least 4,546 individuals affected by the incident.

 

“Dairy Farmers of America takes the security of all information in our systems very seriously, and we want to assure you that we’ve already taken steps to prevent a recurrence. Among other actions, we have increased monitoring, further improved security controls, and reinforced our systems,” the organisation added.

 

DFA has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and the state attorney general. 

 

It has also offered two years of complimentary identity protection and credit monitoring services through Cyberscout to all affected individuals. 

 

 

The Play ransomware group claimed responsibility for the cyber attack and listed DFA as a victim on its data leak site. The group claimed to be in possession of  the organisation’s data and threatened to leak it unless its ransom demands were met.