Dole discloses data breach after February ransomware attack

Dole Food Company confirmed that threat actors behind the recent ransomware attack had access to employees’ data.

Dole Food Company is an Irish agricultural multinational corporation, it is one of the world’s largest producers of fruit and vegetables, operating with 38,500 full-time and seasonal employees who supply some 300 products in 75 countries. Dole reported 2021 revenues of $6.5 billion.

In February, the company announced that it has suffered a ransomware attack that impacted its operations. At the time of the disclosure, the company did not provide details about the attack.

“Dole plc (DOLE:NYSE) announced today that the company recently experienced a cybersecurity incident that has been identified as ransomware.” reads a notice published by the company. “Upon learning of this incident, Dole moved quickly to contain the threat and engaged leading third-party cybersecurity experts, who have been working in partnership with Dole’s internal teams to remediate the issue and secure systems.”

Now Dole Food Company has confirmed threat actors behind the February ransomware attack had access to the information of an undisclosed number of employees.

“We have in the past experienced, and may in the future face, cybersecurity incidents. In February of 2023, we were the victim of a sophisticated ransomware attack involving unauthorized access to employee information.” reads the annual report filed with the U.S. Securities and Exchange Commission (SEC). “Upon detecting the attack, we promptly took steps to contain the attack, retained the services of leading third-party cybersecurity experts and notified law enforcement. The February 2023 attack had a limited impact on our operations.”

In February the company revealed that the attack had a limited impact on its operations.

“Upon detecting the attack, we promptly took steps to contain the attack, retained the services of leading third-party cybersecurity experts and notified law enforcement. The February 2023 attack had a limited impact on our operations.” continues the report.

Despite the company denying a huge impact on its operations, it was forced to shut down production plants across North America.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Dole Food Company)