Sysco, a US-based multi-billion-dollar conglomerate, notified over 126k of its current and former employees of a data breach exposing their sensitive data.
Sysco, the largest marketer and distributor of food service products in North America with revenues exceeding $68 billion last year, has sent breach notification letters to thousands of people.
According to the company, Sysco noticed that its systems were breached on March 5th, 2023. Worryingly, the company believes that attackers accessed its systems almost two months earlier, on January 14th. The letter indicates that the attackers contacted the company, hinting that it might have been a ransomware attack.
Information that Sysco provided to the Maine Attorney General shows that data of over 126,000 current and former employees were exposed during the attack. The company informed Maine authorities that threat actors acquired victims’ “names or other personal identifiers” as well as Social Security numbers (SSNs).
“While we cannot confirm at this time specifically what information may have been impacted for each individual colleague, we believe it could include some combination of the following data: personal information provided to Sysco for payroll purposes, including name, social security number, account numbers or similar information,” Sysco’s letters to affected staff said.
Even though the never-ending stream of data breaches can cause fatigue, the dangers of losing one’s own persist. For example, cybercriminals can use personal information to commit fraud: from identity theft and phishing attacks to opening new credit accounts, making unauthorized purchases, or obtaining loans under false pretenses.
The company stressed that it informed law enforcement about the incident and emphasized that the attack did not impact its business functions or the data of its customers.
It also promised to provide staff whose data might have been exposed with identity theft protections and credit monitoring services for two years.
Sysco is one of the world’s largest broadline food distributors, boasting 600,000 clients throughout the globe. The company, headquartered in Houston, Texas, employs nearly 70,000 people on several continents, providing services to everyone from hospitals to hotels.
Updated on May 19 [09:15 AM GMT]: headline of the article was changed to reflect the number of people exposed. Previously, it stated that “over 126k Social Security numbers were exposed.” Sysco clarified the company doesn't know how many SSNs were exposed during the attack.
Your email address will not be published. Required fields are markedmarked