Security Experts:

Connect with us

Hi, what are you looking for?



Ransomware Attack Forces Produce Giant Dole to Shut Down Plants

Dole was forced to shut down systems in North America due to a ransomware attack, which has reportedly led to salad shortages in some grocery stores.

Produce giant Dole has been forced to shut down plants as a result of a ransomware attack that appears to have resulted in product shortages in some grocery stores.

In a statement posted on its website on Wednesday, Dole said it was dealing with a cybersecurity incident involving ransomware. The company has contacted law enforcement and external cybersecurity experts to help it address and investigate the attack.

The Ireland-based company said the impact to its operations has been limited but, according to reports, the Dole ransomware attack has caused problems for some stores. 

One grocery store in Texas informed customers on Facebook that the Dole ransomware attack caused a shortage in prepackaged salads. On February 17, the company made public a memo received from Dole in which the vendor explained that it was forced to shut down plants “for the day” and put all shipments on hold. 

CNN reported similar problems at other stores as well. It learned from a source that the company rushed to shut down systems to prevent the ransomware from spreading further. This suggests that file-encrypting malware was involved in the attack. 

The memo sent by Dole to customers revealed that the cyberattack forced it to shut down systems throughout North America. 

According to its Wikipedia page, Dole has 38,000 employees and 250 processing plants, supplying products to 75 countries. 

SecurityWeek has checked the websites of several major ransomware groups and has not found any mention of Dole. However, hackers typically name and shame victims on dedicated websites only after initial negotiations fail.

It’s unclear if any data has been stolen from Dole systems. In some recent attacks, the cybercriminals claimed to have stolen files from victims, but researchers did not find any evidence of data theft. 

Data from blockchain data company Chainalysis showed that ransomware revenue plunged in 2022 as victims are increasingly refusing to pay ransom demands. Ransomware groups received a total of $457 million in 2022 compared to $766 million in 2021. 

Recent arrests and the disruption of some ransomware operations by law enforcement may discourage some threat actors, but this type of cybercriminal activity remains profitable for many. The US and South Korea said recently that North Korea’s ransomware attacks on critical infrastructure are funding the regime’s malicious cyber activities. 

Related: Ransomware Attack Pushes City of Oakland Into State of Emergency

Related: Play Ransomware Group Claims Attack on A10 Networks

Related: Ransomware Leads to Nantucket Public Schools Shutdown

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.


More than 3,800 servers around the world have been compromised in recent ESXiArgs ransomware attacks, which also include an improved process.


The City of Oakland has disclosed a ransomware attack that impacted several non-emergency systems.


The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.