A known ransomware group claims to have breached the systems of Kraft Heinz, but the food giant says it’s unable to verify the cybercriminals’ allegations.
The ransomware group named Snatch publicly named Kraft Heinz on its website on December 14, but the post appears to have been created on August 16, which indicates that the attack occurred months ago.
Indeed, in a statement issued on Thursday, Kraft Heinz said it’s investigating claims of a cyberattack that occurred several months ago. The company said the target appeared to be a decommissioned marketing site hosted on an external platform, but it’s currently unable to verify the hackers’ claims.
“Our internal systems are operating normally, and we currently see no evidence of a broader attack,” Kraft Heinz said.
The cybercriminals have yet to publish any files as proof of their claims.
Kraft Heinz is one of the world’s biggest food and beverage companies, with roughly 37,000 employees worldwide. The company owns more than 20 brands, including Kraft, Heinz, Boca Burger, Gevalia, Grey Poupon, Oscar Mayer, Philadelphia Cream Cheese, Primal Kitchen, and Wattie’s.
The Snatch ransomware operation has been around since mid-2021, targeting various types of organizations in countries such as the United States, United Kingdom, France and India, including in critical infrastructure sectors.
However, the US government said in a recent report that the individuals behind the operation may have been active since at least 2018, with evidence pointing to links to other well-known ransomware operations.
The group typically encrypts files on the targeted organization’s systems, and also steals data that it threatens to leak in order to increase the chances of getting paid. Its leak website currently names more than 120 alleged victims.
It was discovered a few months ago that Snatch’s site had been leaking data related to its internal operations, as well as the IPs of visitors.