Ransomware attack halts Coca-Cola's Fairlife dairy production in the US

Coca-Cola has confirmed that dairy production at its Fairlife unit will 'remain suspended' in the United States following a ransomware attack, halting output at a business that produces the company's high-protein milk brand, a fast-growing part of its portfolio in recent years. The company has not said when it expects production to resume.
Ransomware attacks work by encrypting a target organization's computer systems and data, with attackers demanding payment in exchange for a decryption key. When the affected systems control physical manufacturing equipment rather than just office computers, as is common in food and beverage plants, an attack can halt production lines entirely rather than simply disrupting back-office operations.
Coca-Cola has not publicly detailed which specific systems were compromised or attributed the attack to a particular group, both common practices in the early stages of an active incident response, when companies are often still working with cybersecurity investigators to understand the scope of a breach before disclosing further detail that could complicate negotiations or recovery.
The incident adds to a run of cyberattacks against food and beverage manufacturers in recent years, a sector security researchers describe as an increasingly attractive target for ransomware groups precisely because production delays are costly and highly visible, giving attackers leverage to pressure a quick ransom payment rather than a prolonged recovery.
A widely cited earlier case involved JBS, one of the world's largest meat processors, which paid an $11 million ransom in 2021 after an attack disrupted operations across multiple countries — an episode that prompted US government agencies to issue specific guidance to food and agriculture companies about ransomware preparedness in the years since.
Security researchers point to a structural vulnerability specific to manufacturing: many food production facilities run operational technology — the specialized computer systems that control physical equipment like mixers, packaging lines and refrigeration — that is older, harder to patch, and less consistently monitored than standard corporate IT systems, making it a comparatively soft target once attackers gain a foothold in a company's network.
For Coca-Cola and Fairlife, the immediate consequence is a gap in supply of Fairlife-branded products to US retailers for as long as production remains halted, though the company has not detailed how long that gap is expected to last or how it plans to manage distribution to existing retail partners in the meantime.
The US government has increasingly classified food and agriculture as critical infrastructure for cybersecurity purposes, a designation that brings additional federal reporting requirements and, in some cases, coordination support from agencies such as the Cybersecurity and Infrastructure Security Agency when a major producer is hit.
Cybersecurity specialists generally advise affected companies against paying ransoms, noting that payment neither guarantees full data recovery nor prevents attackers from striking the same organization again, though the advice is frequently weighed against the immediate commercial pressure of extended production downtime, which can run into significant daily losses for a large manufacturer.
Coca-Cola said it is working to restore operations at the Fairlife facility, without providing a specific timeline. The incident is likely to renew scrutiny of cybersecurity investment across the food manufacturing sector, where researchers say the gap between the potential cost of an attack and the cost of hardening operational technology systems in advance remains a persistent challenge for companies balancing security spending against other priorities.
Read next

SpaceX aborts second Starship V3 launch attempt after engine ignition
SpaceX halted its second attempt to launch the newest Starship V3 vehicle just after its engines ignited, without immediately explaining what went wrong. Shares of the company fell in after-hours private trading before paring some of the losses.

Hyundai workers strike over the automaker's humanoid robot rollout plan
Workers at a Hyundai auto factory have gone on strike over the company's plan to deploy 25,000 Atlas humanoid robots, starting with US plants in 2028. The dispute reflects a wider tension in manufacturing as automakers move humanoid robots from pilot programs toward production lines.

Why 'human-in-the-loop' AI oversight keeps failing in practice
Keeping a human in the loop is the default answer to worries about autonomous AI agents making mistakes. But as agents take on more tasks, engineers are finding that the humans reviewing them grow fatigued and start rubber-stamping — turning a safety mechanism into a formality.

CD sales are rising again: why people are buying more physical music
CD sales climbed 16% year-over-year in the first half of 2026 in the US, according to research firm Luminate, reversing decades of decline. The growth is being driven by collectors, K-pop fandoms and listeners priced out of vinyl — and some buyers aren't even playing the discs.

Stripe and Advent's reported $53 billion bid for PayPal, explained
Payments company Stripe and private equity firm Advent International have reportedly made a joint offer worth more than $53 billion to acquire PayPal, according to people familiar with the matter. Here's what such a deal would mean for the online payments industry, and why it would face serious regulatory hurdles.