Clorox warns of potential shortages following cyberattack

(Image credit: Shutterstock / binarydesign)

Clorox, the company behind many wel-known household cleaning products, suffered a cyberattack last month which caused serious disruption in its production chain, the company has confirmed.

In a filing it made with the US Securities and Exchange Commission on August 14, Clorox said it experienced, “unauthorized activity” on some of its endpoints. To address the issue, the company was forced to turn some of its systems offline. 

“To the extent possible, and in line with its business continuity plans, Clorox has implemented workarounds for certain offline operations in order to continue servicing its customers,” the document added. “However, the incident has caused and is expected to continue to cause disruption to parts of the company’s business operations.”

Was it ransomware?

As far as facts go, that’s all Clorox has given us. It added that it expects the attack to leave a dent in its fiscal first quarter, but it’s not sure exactly how much. It also can’t know for certain what this attack will mean in the mid-term, or long term. It expects automated order processing to return to normal during the week, but it can’t definitely say when it will able to get back to full production as it was before the attack.

Besides taking some systems offline, Clorox did what all companies do in this situation - it hired a third-party cybersecurity firm to help with the investigation and the recovery of any compromised assets. 

If it looks like a duck, the old saying goes, it’s probably a duck. While Clorox did not specifically describe this incident as a ransomware attack, the fact that it was forced to shut some systems down and has trouble restoring operations sounds a lot like a ransomware attack. Still, no ransomware groups have claimed responsibility for the attack, nor has any data leaked on the dark web, as is usually the case.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.