More than 28,000 individuals were impacted by a data breach at independent bottling company Pepsi Bottling Ventures.
Discovered on January 10, the data breach occurred between December 23, 2022, and January 19, 2023, and resulted in the personal, financial, and health information of the company’s employees being accessed by an unauthorized party.
On February 10, Pepsi Bottling Ventures started informing the impacted individuals that the attackers gained access to certain systems containing their personal information, but did not reveal how many individuals were affected.
In conjunction with a public announcement regarding the incident, Pepsi Bottling Ventures recently informed the Maine Attorney General’s Office that the attackers had access to the personal information of more than 28,000 individuals.
According to the company, the compromised data includes names, addresses, email addresses, financial account information, ID numbers, driver’s license numbers, Social Security numbers, digital signatures, medical history details, and health insurance information.
The stolen information, the company says, belongs to current and former employees and to contractors.
Pepsi Bottling Ventures says it has strengthened the security of its network and has prompted a company-wide password reset to secure all employee and partner accounts within its network.
“Please promptly change your username(s), password(s), and security question answer(s) for any accounts or account information you maintain with Pepsi Bottling Ventures,” the company told the impacted individuals.
The company says it is not aware of the compromised information being misused, but such data is often sold or shared on underground cybercrime portals and then used in phishing and other types of attacks.
Related: American Airlines, Southwest Airlines Impacted by Data Breach at Third-Party Provider
Related: Intellihartx Informs 490k Patients of GoAnywhere-Related Data Breach
Related: Toyota Discloses New Data Breach Involving Vehicle, Customer Information
