Coca-Cola's $4 billion dairy brand forced offline after data breach
Hackers knock out Coca-Cola’s production.

Image by Cybernews.
Hackers have hit Coca-Cola, forcing the company to halt Fairlife production across the US.
Coca-Cola has temporarily shut down production at its Fairlife dairy subsidiary in the United States after a ransomware attack disrupted the company's production systems. The beverage giant disclosed that it detected unauthorized access to part of Fairlife's systems.
According to a filing with the US Securities and Exchange Commission (SEC), the attackers gained access through a third party, compromising Fairlife's IT environment. Among the affected systems were those used by production units.
Fairlife is one of Coca-Cola's fastest-growing brands and a significant part of its beverage portfolio.
Known for its ultra-filtered milk, protein shakes, and nutrition products, Fairlife generates an estimated $4 billion in annual sales, making it one of Coca-Cola's largest non-carbonated brands.
Stay updated with our latest stories and follow us on social media
Be the first to discover new stories, ideas, and updates from our team.
Production halted across the United States
Coca-Cola said all Fairlife production operations in the United States have been “temporarily” suspended while the company investigates the breach and works to restore affected systems.
Fairlife's operations in Canada have not been impacted, the company said. Coca-Cola added that it is working "diligently" to complete the investigation and resume normal operations.
“The full scope, nature, and impacts of the incident are not yet known,” Coca-Cola said in a statement.
The company has not disclosed which ransomware group may be behind the attack. Also, at this point, it remains unclear if any data was stolen and if the company has received a ransom demand.
“The company’s investigation and assessment of the impact of the incident is ongoing, with the assistance of outside advisors and cybersecurity experts. The company has also notified law enforcement,” Coca-Cola stated.
It highlighted that product quality and safety have not been impacted.
Cybernews has reached out to the company for a comment. We will update the story once a response is received.
Coca-Cola was hit before
The beverage giant has been hit by ransomware before. In 2025, Everest ransomware claimed an attack on Coca-Cola’s Middle East distributor. Attackers claimed they had stolen data of nearly 1000 employees, as well as confidential internal documents.
Later on, the gang publicly released Coca-Cola’s data, potentially indicating that ransomware negotiations failed. According to Cybernews investigation, the released files included passport scans, visa copies, and IDs of employees in the Middle East.