Mondelez reveals that attackers stole employee data

Last updated: 22 June 2023
Mondelez data leak
Image by Cybernews.

Mondelez International, a multi-billion-dollar food and beverage company, said that attackers breached a third-party vendor, accessing Mondelez’s staff details.

The Fortune 500-listed food and beverage behemoth has started notifying its former and current employees about a data breach involving their details.

According to Mondelez, its legal services provider, Bryan Cave Leighton Paisner LLP, fell victim to a hacker attack, leading to criminals stealing sensitive employee data. The attackers had access to the law firm’s systems for over a week in late February.

ADVERTISEMENT

“Bryan Cave informed us of unauthorized access on March 24th, 2023, while continuing to investigate the incident, and later confirmed that an unauthorized third party acquired certain data, which was still being determined,” the company’s breach notification letter said.

It took Mondelez two more months of investigation to narrow down the impact of the breach. According to the company, exposed personal data may include:

  • Social Security number
  • First and last name
  • Address
  • Date of birth
  • Marital status
  • Gender
  • Employee ID number
  • Mondelez retirement and/or thrift plan info

Information that Mondelez provided to the Maine Attorney General shows that over 51,000 current and former staff members were impacted by the data breach.

Cybercriminals can use the captured personal information to commit fraud, including identity theft and phishing attacks, opening new credit accounts, making unauthorized purchases, and obtaining loans under false pretenses.

The company noted that personal financial information such as credit card numbers or account details were not exposed during the attack. The law firm also notified law enforcement about the incident.

“You may want to temporarily freeze your credit. You should be on guard for schemes where malicious actors may pretend to represent Mondelez or reference this incident,” the breach notification letter said.

While Mondelez says that there’s no indication the stolen data was misused, the company advised employees to review account statements and monitor credit reports. As has become the norm after these kinds of incidents, Modenelz vowed to provide credit and identity theft monitoring services.

ADVERTISEMENT

Mondelez International operates in virtually all the world’s countries and owns brands such as Oreo, Milka, Toblerone, Tuc, and others. The company employs nearly 80,000 staff and enjoyed a revenue exceeding $32 billion in 2022.

Share
Post
Share
Share
Share
More from Cybernews
“They’re still sulking about the EU switching to USB C:” users react to Apple’s next iPhone plans
Rooting Android invites hackers: up to 3,000 times more vulnerable
Phishing campaign shifts focus to Macs after browsers enhance security on Windows
Links to the “free” TradingView version hide crypto-stealing malware on Reddit
Jensen Huang’s quantum pivot: when tech leaders admit they’re wrong
Meta AI rolling out in Europe in the coming weeks
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked