Kraft Heinz has confirmed that their programs are working usually and that there is no such thing as a proof they have been breached after an extortion group listed them on a knowledge leak website.
Kraft Heinz is among the world’s largest meals and beverage corporations, with over 37,000 workers working out of 40 nations. The corporate owns quite a few well-known manufacturers, together with Oscar Mayer, Kool-Support, Philadelphia, Lunchables, Maxwell Home, and lots of extra.
In a publish to Snatch extortion group’s knowledge leak website dated August sixteenth, however not made seen till right this moment, the risk actors declare that they breached Kraft Heinz.
When extortion teams checklist an organization on their knowledge leak websites, it signifies that they stole knowledge in a cyberattack and would quickly leak it if a ransom just isn’t paid.
Nonetheless, Snatch has not offered proof of the breach, with the recordsdata part devoid of screenshots of stolen knowledge.
In an announcement to BleepingComputer, Kraft Heinz mentioned they’re investigating whether or not a cyberattack on a decommissioned advertising web site is said to Snatch’s claims however that they don’t seem to be experiencing any points on their company community.
“We’re reviewing claims {that a} cyberattack occurred a number of months in the past on a decommissioned advertising web site hosted on an exterior platform, however are presently unable to confirm these claims,” a Kraft Heinz spokesperson instructed BleepingComputer.
“Our inner programs are working usually, and we presently see no proof of a broader assault.”
Snatch, a ransomware gang which launched in 2018, was one of many first teams to arrange a knowledge leak website to make use of stolen knowledge as leverage of their extortion calls for.
In 2021, risk actors often called “Snatch Workforce” arrange a brand new knowledge leak website, stating that they have been unaffiliated with the earlier ransomware group and didn’t carry out encryption assaults.
Nonetheless, a report by CISA disputes these claims, stating that knowledge from confirmed ransomware victims have appeared on Snatch Workforce’s web site together with knowledge from different ransomware operations’ assaults.
