Security Experts:

Connect with us

Hi, what are you looking for?



Cyberattack Forces Brewery Shutdown at Molson Coors

Molson Coors Hack

Molson Coors Hack

Cyberattack Against Molson Coors Impacts Brewery Operations, Production, and Shipments

The wave of big-name companies falling victim to disruptive malware attacks is showing no signs of slowing down with beverage conglomerate Molson Coors Beverage Company announcing on Thursday that it was recovering from an incident that severely disrupted its production operations.

The company’s disclosure of the incident, believed to be a ransomware infection, was contained in an 8K filing with the Securities and Exchange Commission (SEC) that discusses an “a systems outage that was caused by a cybersecurity incident.”

Molson Coors, makers of popular beer brands in the U.S., confirmed the malware attack has caused delays and disruptions to parts of the business handling brewery operations, production, and shipments.

The company produces several iconic beer brands including Coors Light, Miller Lite, Molson Canadian, Carling, Coors Banquet, Blue Moon and others.

The company said it was “actively managing” the incident through an engagement with leading forensic information technology firms.  

“[We are] working around the clock to get its systems back up as quickly as possible,” the company said in the filing.

The company did not provide technical details of the incident.

The Molson Coors Beverage Company’s problems with ransomware mirror similar attacks that have resulted in production being disrupted for a manufacturing company. Earlier this month, French boat maker Groupe Beneteau fell victim to a cyberattack that forced a production shut down for several days. Last month packaging giant WestRock said a ransomware incident impacted the company’s information technology (IT) and operational technology (OT) systems. 

[ ALSO READ: Packaging Giant WestRock Says Ransomware Attack Hit Production ]

“High profile attacks are becoming all too common, as attackers have realized they are immensely more profitable when they target large organizations and disrupt their critical business operations – in this case, the brewing operations of the world’s biggest, well known beer brands,” Edgard Capdevielle, CEO at Nozomi Networks, told SecurityWeek

“While the company hasn’t released details, this scenario could be ransomware and this type of situation should be factored into an organization’s incident response and business continuity plan,” Capdevielle continued. “Beyond a technical response, decision makers need to be prepared to weigh the risks and consequences of alternate actions. Ransomware threat actors typically rely on spear phishing links or vulnerable public services to gain initial entry into a network. Afterward, they move laterally to gain access to as many nodes of the network as possible, allowing them to increase the magnitude of the disruption.”

Last summer beverages company Lion, a major supplier of beer and milk in Australia and New Zealand, was hit by a ransomware attack that caused disruptions to manufacturing processes and customer service. 

Japanese car maker Honda was also hit by ransomware last summer, which impacted production operations at some plants in the United States.

Tech firms have long issued warnings that industrial control systems that power manufacturing plants and utilities are prime targets for ransomware attacks. In a December 2020 report from IBM and industrial cybersecurity firm Dragos, researchers noted that ransomware attacks against industrial entities jumped more than 500 percent over the last two years.

Learn More About at SecurityWeek’s Industrial Control Systems Cybersecurity Conference

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.


Vulnerabilities in GE’s Proficy Historian product could be exploited for espionage and to cause damage and disruption in industrial environments.


A hacktivist group has made bold claims regarding an attack on an ICS device, but industry professionals have questioned their claims.

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...


Vulnerabilities in industrial routers made by InHand Networks could allow hackers to bypass security systems and gain access to OT networks.


The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...


Serious vulnerabilities found in Econolite EOS traffic controller software can be exploited to control traffic lights, but the flaws remain unpatched.