Dole discloses employee data breach after ransomware attack

Dole discloses employee data breach after ransomware attack

Fresh produce giant, Dole Food Company, announced in February of this year that it experienced a cybersecurity incident which was identified as ransomware.

Upon learning of this incident, Dole moved quickly to contain the threat and engaged leading third-party cybersecurity experts, who worked in partnership with Dole’s internal teams to remediate the issue and secure systems.

The company notified law enforcement about the incident.

While continuing to investigate the scope of the incident, the impact to Dole operations was limited.

The company has now confirmed that threat actors behind the attack accessed the information of an undisclosed number of employees. Dole employs around 38,000 people worldwide, providing fresh fruits and vegetables to customers in more than 75 countries.

In response, Jonathan Knudsen, Head of Global Research at Synopsys Cybersecurity Research Centre, said: “In 2011, Marc Andreesen famously proclaimed, ‘Software is eating the world’, but a decade earlier Watts Humphrey beat him to the punch by saying, ‘Every business is a software business’.

“Software is the critical infrastructure of our time. Cyberattacks on food giant, Dole, are the latest illustration that software is the soft underbelly for our society.

“Cyberattacks on food, healthcare, energy and every other critical infrastructure sector are a reminder that software risk is business risk. Organisations assess and manage risk from natural disasters, geopolitical turmoil, economic vicissitudes and other types of hazards; savvy organisations recognise the risk posed by the software they use and take steps to minimise that risk.

“A holistic approach to security allows organisations to spend resources most effectively to reduce risk. This means ensuring that the processes for evaluating, procuring, configuring, operating and maintaining software include security at every phase.

“Recognising that we cannot talk about software without also talking about security and risk is a vital first step towards building a better future.”

Click below to share this article

Browse our latest issue

Intelligent CISO

View Magazine Archive