Mondelez International, a multi-billion-dollar food and beverage company, said that attackers breached a third-party vendor, accessing Mondelez’s staff details.
The Fortune 500-listed food and beverage behemoth has started notifying its former and current employees about a data breach involving their details.
According to Mondelez, its legal services provider, Bryan Cave Leighton Paisner LLP, fell victim to a hacker attack, leading to criminals stealing sensitive employee data. The attackers had access to the law firm’s systems for over a week in late February.
“Bryan Cave informed us of unauthorized access on March 24th, 2023, while continuing to investigate the incident, and later confirmed that an unauthorized third party acquired certain data, which was still being determined,” the company’s breach notification letter said.
It took Mondelez two more months of investigation to narrow down the impact of the breach. According to the company, exposed personal data may include:
- Social Security number
- First and last name
- Date of birth
- Marital status
- Employee ID number
- Mondelez retirement and/or thrift plan info
Information that Mondelez provided to the Maine Attorney General shows that over 51,000 current and former staff members were impacted by the data breach.
Cybercriminals can use the captured personal information to commit fraud, including identity theft and phishing attacks, opening new credit accounts, making unauthorized purchases, and obtaining loans under false pretenses.
The company noted that personal financial information such as credit card numbers or account details were not exposed during the attack. The law firm also notified law enforcement about the incident.
“You may want to temporarily freeze your credit. You should be on guard for schemes where malicious actors may pretend to represent Mondelez or reference this incident,” the breach notification letter said.
While Mondelez says that there’s no indication the stolen data was misused, the company advised employees to review account statements and monitor credit reports. As has become the norm after these kinds of incidents, Modenelz vowed to provide credit and identity theft monitoring services.
Mondelez International operates in virtually all the world’s countries and owns brands such as Oreo, Milka, Toblerone, Tuc, and others. The company employs nearly 80,000 staff and enjoyed a revenue exceeding $32 billion in 2022.
More from Cybernews:
Subscribe to our newsletter