Security Experts:

Connect with us

Hi, what are you looking for?


Data Breaches

Pepsi Bottling Ventures Discloses Data Breach

Pepsi Bottling Ventures, the largest privately-held bottler of Pepsi-Cola products in the United States, says data was stolen from its systems following a malware attack.

Pepsi Bottling Ventures, the largest privately-held bottler of Pepsi-Cola products in the United States, says personal information was stolen from its systems following a malware attack.

Founded in 1943, the company operates 18 bottling and distribution facilities in North and South Carolina, Maryland, Virginia, and Delaware, and employs more than 2,300 people.

On February 10, the company started sending out notification letters to inform an unknown number of individuals that their personal information might have been compromised during a month-long data breach.

The incident, Pepsi Bottling Ventures says, was discovered on January 10, but the investigation that was launched into the matter revealed that attackers gained access to the company’s network on December 23. The unauthorized access was blocked on January 19.

While dwelling in Pepsi Bottling Ventures’ network, the attackers deployed malware and downloaded information stored on the systems they had access to, the company notes in the notification letter, a copy of which was filed with the Montana Attorney General.

Stolen personal information includes names, addresses, email addresses, financial information, Social Security numbers, driver’s license numbers, ID card and password information, benefits information, health insurance information, medical history, health and health insurance claims, and digital signatures.

The company says it has taken steps to contain the incident and improve its security, including by prompting a company-wide password reset on all employee accounts.

Pepsi Bottling Ventures did not reveal the type of malware used in the attack and it’s unclear if the attack was conducted by a ransomware group. 

SecurityWeek has emailed the company for additional clarifications on the cyberattack and will update this article as soon as a reply arrives.

Related: 20 Million Users Impacted by Data Breach at Instant Checkmate, TruthFinder

Related: 820k Impacted by Data Breach at Zacks Investment Research

Related: 25k Nissan Customers Affected by Data Breach at Third-Party Software Developer

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Data Breaches

A group of hackers has leaked Atlassian employee records and floorplans, information that was obtained from third-party workplace platform Envoy.


Instant Checkmate and TruthFinder have disclosed data breaches affecting a total of more than 20 million users.

Data Breaches

Companies affected by the recent Mailchimp data breach have started notifying customers. The list includes WooCommerce, FanDuel, Yuga Labs and the Solana Foundation.

Data Breaches

AT&T is notifying millions of wireless customers that their CPNI was compromised in a data breach at a third-party vendor.

Data Breaches

Google Fi informs customers about a data breach related to the recent T-Mobile cyberattack and some users claim they were targeted in a SIM...