A leading global food distribution company, Sysco, has recently confirmed that its network was breached, resulting in the theft of sensitive information, including business, customer, and employee data.
In an internal memo sent to employees on May 3rd and seen by IT Services, the company revealed that customer and supplier data in the U.S. and Canada, as well as personal information belonging to U.S. employees, may have been impacted in the incident.
“On March 5, 2023, Sysco became aware of a cybersecurity event perpetrated by a threat actor believed to have begun on January 14, 2023, in which the threat actor gained access to our systems without authorization and claimed to have acquired certain data,” Sysco added in data breach notification letters sent to some of the affected individuals.
In total, the data breach affected 126,243 who had their names and other personal identifiers exposed together with Social Security Numbers, as revealed in a filing with the Maine Attorney General’s Office
Sysco also confirmed the security breach in a 10-Q quarterly report filed with the U.S. Securities and Exchange Commission one week ago, on May 2nd.
“The investigation determined that the threat actor extracted certain company data, including data relating to operation of the business, customers, employees and personal data,” the company said.
“The investigation is ongoing, and Sysco has begun the process of preparing to comply with its obligations with respect to the extracted data.”
The company believes the employees’ data stolen from its systems during the breach is a combination of the following: personal information provided to Sysco for payroll purposes, including name, social security number, account numbers, or similar info.
Sysco also hired a cybersecurity firm to help investigate the incident and notified federal law enforcement of the cyberattack.
Sysco: No impact on customer service and business operations
Despite the breach, Sysco has stated that their business operations have not been impacted, and customer service has not been interrupted, according to the 10-Q SEC filing.
Sysco also assured affected individuals that there is no ongoing threat to its network and that its security team implemented additional safeguards to prevent a similar breach from occurring in the future.
With more than 71,000 employees, Sysco operates 333 distribution facilities worldwide and services around 700,000 customer locations, including restaurants, healthcare, and educational facilities.
According to its website, Sysco generated over $68 billion in sales for the fiscal year 2022, which ended on July 2, 2022.
Unfortunately, a Sysco spokesperson was unavailable for comment when contacted by IT Services earlier today.
Update: Added link to data breach notification letter sample.
Update 2: Added info on the number of individuals affected by the data breach.
Is There a Connection Between the Reddit Hackers and the Data Breach at Sysco?
Is there a connection between the Reddit hackers and the data breach at Sysco? It’s unclear. However, with the recent reddit data leak warning imminent, it’s essential to take precautions. Both incidents highlight the vulnerability of online platforms and the need to prioritize cybersecurity. Stay informed, use strong passwords, and be cautious of suspicious activities to protect your personal information.
Don’t let this happen to your business
As business owners, you have a responsibility to protect your company and your customers’ data. Now is the time to take action and ensure your cybersecurity measures are up to par. Don’t wait until it’s too late.
Contact us today to learn how ZZ Servers can assist you in implementing robust cybersecurity solutions that safeguard your business from cyber threats. Our team of experts is ready to help you protect your valuable assets and maintain your customers’ trust.