Security Experts:

Connect with us

Hi, what are you looking for?



Cyberattack Forces Brewery Shutdown at Molson Coors

Molson Coors Hack

Molson Coors Hack

Cyberattack Against Molson Coors Impacts Brewery Operations, Production, and Shipments

The wave of big-name companies falling victim to disruptive malware attacks is showing no signs of slowing down with beverage conglomerate Molson Coors Beverage Company announcing on Thursday that it was recovering from an incident that severely disrupted its production operations.

The company’s disclosure of the incident, believed to be a ransomware infection, was contained in an 8K filing with the Securities and Exchange Commission (SEC) that discusses an “a systems outage that was caused by a cybersecurity incident.”

Molson Coors, makers of popular beer brands in the U.S., confirmed the malware attack has caused delays and disruptions to parts of the business handling brewery operations, production, and shipments.

The company produces several iconic beer brands including Coors Light, Miller Lite, Molson Canadian, Carling, Coors Banquet, Blue Moon and others.

The company said it was “actively managing” the incident through an engagement with leading forensic information technology firms.  

“[We are] working around the clock to get its systems back up as quickly as possible,” the company said in the filing.

The company did not provide technical details of the incident.

The Molson Coors Beverage Company’s problems with ransomware mirror similar attacks that have resulted in production being disrupted for a manufacturing company. Earlier this month, French boat maker Groupe Beneteau fell victim to a cyberattack that forced a production shut down for several days. Last month packaging giant WestRock said a ransomware incident impacted the company’s information technology (IT) and operational technology (OT) systems. 

[ ALSO READ: Packaging Giant WestRock Says Ransomware Attack Hit Production ]

“High profile attacks are becoming all too common, as attackers have realized they are immensely more profitable when they target large organizations and disrupt their critical business operations – in this case, the brewing operations of the world’s biggest, well known beer brands,” Edgard Capdevielle, CEO at Nozomi Networks, told SecurityWeek

“While the company hasn’t released details, this scenario could be ransomware and this type of situation should be factored into an organization’s incident response and business continuity plan,” Capdevielle continued. “Beyond a technical response, decision makers need to be prepared to weigh the risks and consequences of alternate actions. Ransomware threat actors typically rely on spear phishing links or vulnerable public services to gain initial entry into a network. Afterward, they move laterally to gain access to as many nodes of the network as possible, allowing them to increase the magnitude of the disruption.”

Last summer beverages company Lion, a major supplier of beer and milk in Australia and New Zealand, was hit by a ransomware attack that caused disruptions to manufacturing processes and customer service. 

Japanese car maker Honda was also hit by ransomware last summer, which impacted production operations at some plants in the United States.

Tech firms have long issued warnings that industrial control systems that power manufacturing plants and utilities are prime targets for ransomware attacks. In a December 2020 report from IBM and industrial cybersecurity firm Dragos, researchers noted that ransomware attacks against industrial entities jumped more than 500 percent over the last two years.

Learn More About at SecurityWeek’s Industrial Control Systems Cybersecurity Conference

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...


Cybersecurity firm Forescout shows how various ICS vulnerabilities can be chained for an exploit that allows hackers to cause damage to a bridge.


Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.


More than 1,300 ICS vulnerabilities were discovered in 2022, including nearly 1,000 that have a high or critical severity rating.

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...


Siemens and Schneider Electric address nearly 100 vulnerabilities across several of their products with their February 2023 Patch Tuesday advisories.


Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).