Breaking
Tech

Ransomware attack halts Coca-Cola's Fairlife dairy production in the US

TechCrunch3 h ago
A quiet, idle dairy production line with stainless steel equipment
A quiet, idle dairy production line with stainless steel equipmentPhoto: Anna Shvets / Pexels

Coca-Cola has confirmed that dairy production at its Fairlife unit will 'remain suspended' in the United States following a ransomware attack, halting output at a business that produces the company's high-protein milk brand, a fast-growing part of its portfolio in recent years. The company has not said when it expects production to resume.

Ransomware attacks work by encrypting a target organization's computer systems and data, with attackers demanding payment in exchange for a decryption key. When the affected systems control physical manufacturing equipment rather than just office computers, as is common in food and beverage plants, an attack can halt production lines entirely rather than simply disrupting back-office operations.

Coca-Cola has not publicly detailed which specific systems were compromised or attributed the attack to a particular group, both common practices in the early stages of an active incident response, when companies are often still working with cybersecurity investigators to understand the scope of a breach before disclosing further detail that could complicate negotiations or recovery.

The incident adds to a run of cyberattacks against food and beverage manufacturers in recent years, a sector security researchers describe as an increasingly attractive target for ransomware groups precisely because production delays are costly and highly visible, giving attackers leverage to pressure a quick ransom payment rather than a prolonged recovery.

A widely cited earlier case involved JBS, one of the world's largest meat processors, which paid an $11 million ransom in 2021 after an attack disrupted operations across multiple countries — an episode that prompted US government agencies to issue specific guidance to food and agriculture companies about ransomware preparedness in the years since.

Security researchers point to a structural vulnerability specific to manufacturing: many food production facilities run operational technology — the specialized computer systems that control physical equipment like mixers, packaging lines and refrigeration — that is older, harder to patch, and less consistently monitored than standard corporate IT systems, making it a comparatively soft target once attackers gain a foothold in a company's network.

For Coca-Cola and Fairlife, the immediate consequence is a gap in supply of Fairlife-branded products to US retailers for as long as production remains halted, though the company has not detailed how long that gap is expected to last or how it plans to manage distribution to existing retail partners in the meantime.

The US government has increasingly classified food and agriculture as critical infrastructure for cybersecurity purposes, a designation that brings additional federal reporting requirements and, in some cases, coordination support from agencies such as the Cybersecurity and Infrastructure Security Agency when a major producer is hit.

Cybersecurity specialists generally advise affected companies against paying ransoms, noting that payment neither guarantees full data recovery nor prevents attackers from striking the same organization again, though the advice is frequently weighed against the immediate commercial pressure of extended production downtime, which can run into significant daily losses for a large manufacturer.

Coca-Cola said it is working to restore operations at the Fairlife facility, without providing a specific timeline. The incident is likely to renew scrutiny of cybersecurity investment across the food manufacturing sector, where researchers say the gap between the potential cost of an attack and the cost of hardening operational technology systems in advance remains a persistent challenge for companies balancing security spending against other priorities.

This article is an AI-curated summary based on TechCrunch. The illustration is a stock photo by Anna Shvets from Pexels.

Read next