Phishing email led to a breach of US food giant Rich Products
A phishing email sent to a single vendor employee has exposed sensitive personal data tied to one of America’s biggest food giants.
Rich Products Corporation, one of the largest privately held food companies in the United States and the inventor of non-dairy whipped topping, has disclosed a data breach impacting individuals associated with the company.
Rich Products Corporation has recently filed a report with regulators at the Maine Attorney General's office.
Headquartered in Buffalo, New York, Rich Products operates in more than 100 countries, employs approximately 13,000 people globally, and generates annual revenue of approximately $5.6 billion.
The company supplies frozen foods, bakery products, desserts, and foodservice solutions worldwide and has repeatedly appeared on Forbes lists of America’s largest private companies.
Breach originated in vendor’s systems
According to the breach disclosure, the cybersecurity incident originated at First Advantage Corporation, a background screening and identity verification provider that conducts over 200 million screens annually. The company works with Rich Products.
First Advantage stated that on November 17th, 2025, it discovered an unauthorized third party had accessed the account of a single employee within its Drug & Occupational Health Screening Unit after a “sophisticated phishing” attack.
The company determined that the attacker had accessed the account around November 13th, 2025, and downloaded the contents of the employee’s email inbox.
First Advantage says it disabled the compromised employee account in response to the threat. To secure the data and prevent such incidents in the future, they claim to have implemented additional security safeguards across their systems.
Consumer notifications began on April 22nd, 2026, several months after the initial compromise.
Sensitive employee data exposed
The breach has affected approximately 200 individuals at Rich Product Corporation.The publicly distributed notification letter by Rich Products mentions that among the stolen data are full names and “other personal identifiers” without further clarification.
However, according to a report submitted to the Massachusetts Office of Consumer Affairs and Business Regulation by First Advantage, Social Security numbers and driver's license information were compromised in the data breach.
The nature of the stolen data is highly sensitive, as attackers could exploit it in a variety of attacks. The affected individuals are at increased risk of identity theft, financial fraud, and targeted phishing attacks.
“To date, we are not aware of fraud or misuse of personal information resulting from this incident,“ First Advantage stated in the notification.
The company is also offering affected individuals two years of complimentary credit monitoring and identity restoration services through Cyberscout, a TransUnion company.
“We encourage you to remain vigilant and review your account statements and free credit reports regularly to ensure there is no unauthorized or unexplained activity,” the company advises.
US food industry a common target of cybercrime
The US food industry has increasingly been targeted by ransomware gangs and cybercriminals.
Just this month, the Qilin ransomware gang claimed Sysco, the world's largest food distributor. Sysco operates more than 340 distribution facilities worldwide, supplying nearly 500 fresh and frozen food products, culinary supplies, and restaurant equipment to roughly 750,000 locations spanning 10 countries.
UNFI, Whole Foods' primary distributor, was also hit by a suspected ransomware attack in June 2025 that forced systems offline. Iconic brands, including Tyson Foods, Krispy Kreme, Kraft Heinz, Garner Foods (Texas Pete), and True World Group, the nation's largest sushi supplier, have all been previously claimed by ransomware gangs.
Unlock more exclusive Cybernews content on YouTube.
