Dairy giant Agropur confirms major breach exposed customer data

Cyber attack
Image Credit: Shutterstock (Image credit: No credit)

Canadian dairy giant Agropur suffered a data breach, but many details about the incident are not yet known.

A report from BleepingComputer, to whom the company confirmed suffering an attack noted, the incident was limited to part of Agropur's shared online directory and that it did not affect its transactional systems. 

"The continuity of our operations was not affected," the company said in the statement. "After detecting the issue, we immediately launched an investigation and took steps to address the incident, including the implementation of corrective measures to mitigate the impact. To avoid prejudicing the investigation, we will not make further comment at this time.”

Missing key details

Until the company comes forward with more details, or until a threat actor assumes responsibility, key information remains unknown. 

For example, we don’t know who attacked Agropur, how, and what kind of data they accessed, if the data was stolen, if an infostealer was used, and if the attackers are demanding any money in exchange for keeping it secure.

If the investigation shows the attack had any meaningful volume, the company will most likely have to file an 8-K report with the US Securities and Exchange Commission (SEC), which is usually the best way to get valid information about the breach. Hackers often lie about the data they steal, either to pressure the victims into paying up, or to improve their standing in the cybercriminal community. 

Founded in 1938, the Canadian dairy cooperative is currently one of North America's largest dairy processors. It produces a wide range of dairy products, including cheese, yogurt, butter, and milk powders. Agropur is owned by over 3,000 dairy farmers and operates numerous processing facilities across Canada and the United States. The cooperative is known for producing milk, cheese, butter, cream, and ice cream. It counts more than 7,000 employees.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.