Food giant Sysco confirms customer data stolen in cyberattack

10 May 2023

Image: © wolterke/Stock.adobe.com

Sysco detected the data breach in March but believes the threat actor began their attack in January, with business, employee and personal data stolen.

Global food distributor Sysco has said that company data has been stolen as a result of a cyberattack earlier this year.

The stolen information is believed to include business, customer, employee and personal data. The company has not revealed how many businesses or customers have been affected.

However, Sysco’s investigation indicates that only its businesses in the US and Canada were impacted by the data breach, according to a company statement shared with SiliconRepublic.com.

In a filing sent to the US Securities and Exchange Commission spotted by Bleeping Computer, Sysco said it detected the breach on 5 March but believes the infiltration started on 14 January.

“Immediately upon detection, Sysco initiated an investigation, with the assistance of cybersecurity and forensics professionals,” the company said in the filing. “The investigation determined that the threat actor extracted certain company data”.

The food giant has more than 71,000 employees and operates 333 distribution facilities worldwide, serving more than 700,000 customer locations. The company’s Irish subsidiary claims to be the largest food business on the island of Ireland, with more than 1,300 staff.

In its US filing, the company said its normal business functions were not affected by the data breach, while federal law enforcement in the US has been notified.

“The investigation is ongoing, and Sysco has begun the process of preparing to comply with its obligations with respect to the extracted data,” Sysco said.

Martin MacKay, CRO of cybersecurity company Versa Networks, said this is a “serious incident” as stolen data can be sold on the dark web, to be used for “further crimes such as fraud and identity theft”.

“It is a distressing situation for the business, employees, and customers as they do not know who has access to their personal data and how it might be used,” MacKay said. “Incidents like this can cause both short-term financial damage and long-term reputational damage.

“Therefore, organisations must be proactive in implementing cybersecurity measures to avoid such incidents.”

Earlier this month, T-Mobile confirmed it suffered a second data breach this year, impacting roughly 836 users. This was much smaller than the earlier data breach this year, which impacted an estimated 37m customers based on rough estimates by the company.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Updated, 10.33am, 11 May 2023: This article was updated to include a statement from Sysco about its US and Canadian businesses being impacted by the cyberattack.

Leigh Mc Gowran is a journalist with Silicon Republic

editorial@siliconrepublic.com