Dairy giant Agropur confirms major breach in which customer data was exposed
Canadian dairy giant Agropur has suffered a data breach, but many details about the incident are not yet known.
A report from BleepingComputerTo whom the company confirmed it had been the victim of an attack, it noted that the incident was limited to a portion of Agropur’s shared online directory and had no impact on the company’s transaction systems.
“The continuity of our activities has not been affected,” the company said in the statement. “After discovering the issue, we immediately initiated an investigation and took steps to address the incident, including implementing corrective actions to limit the impact. In order not to prejudice the investigation, we will make no further comment.”
Missing important details
Until the company provides more details, or until a malicious party takes responsibility, important information remains unknown.
For example, we don’t know who attacked Agropur, how and what data they gained access to, whether the data was stolen, whether an infostealer was used, and whether the attackers demanded money in exchange for keeping it safe.
If the investigation shows that the attack had meaningful volume, the company will most likely have to file an 8-K report with the U.S. Securities and Exchange Commission (SEC), which is usually the best way to obtain valid information about the breach. Hackers often lie about the data they steal, either to pressure victims to pay or to improve their standing in the cybercriminal community.
Founded in 1938, the Canadian dairy cooperative is currently one of the largest dairy processors in North America. It produces a wide range of dairy products, including cheese, yogurt, butter and milk powders. Agropur is owned by over 3,000 dairy farmers and operates numerous processing facilities in Canada and the United States. The cooperative is known for producing milk, cheese, butter, cream and ice cream. It has over 7,000 employees.