Produce giant Dole has been forced to shut down plants due to a ransomware attack that appears to have resulted in product shortages in some grocery stores.
In a statement posted on its website on Wednesday, Dole said it was dealing with a cybersecurity incident involving ransomware. The company has contacted law enforcement and external cybersecurity experts to help it address and investigate the attack.
The Ireland-based company said the impact to its operations has been limited but, according to reports, the Dole ransomware attack has caused problems for some stores.

One grocery store in Texas informed customers on Facebook that the Dole ransomware attack caused a shortage in prepackaged salads. On February 17, the company made public a memo received from Dole in which the vendor explained that it was forced to shut down plants “for the day” and put all shipments on hold.
CNN reported similar problems at other stores as well. It learned from a source that the company rushed to shut down systems to prevent the ransomware from spreading further. This suggests that file-encrypting malware was involved in the attack.
The memo sent by Dole to customers revealed that the cyberattack forced it to shut down systems throughout North America.
According to its Wikipedia page, Dole has 38,000 employees and 250 processing plants, supplying products to 75 countries.
SecurityWeek has checked the websites of several major ransomware groups and has not found any mention of Dole. However, hackers typically name and shame victims on dedicated websites only after initial negotiations fail.
It’s unclear if any data has been stolen from Dole systems. In some recent attacks, the cybercriminals claimed to have stolen files from victims, but researchers did not find any evidence of data theft.
Data from blockchain data company Chainalysis showed that ransomware revenue plunged in 2022 as victims are increasingly refusing to pay ransom demands. Ransomware groups received a total of $457 million in 2022 compared to $766 million in 2021.
Recent arrests and the disruption of some ransomware operations by law enforcement may discourage some threat actors, but this type of cybercriminal activity remains profitable for many. The US and South Korea said recently that North Korea’s ransomware attacks on critical infrastructure are funding the regime’s malicious cyber activities.
Related: Ransomware Attack Pushes City of Oakland Into State of Emergency
Related: Play Ransomware Group Claims Attack on A10 Networks
Related: Ransomware Leads to Nantucket Public Schools Shutdown

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Cisco to Acquire Splunk for $28 Billion
- Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade
- Omron Patches PLC, Engineering Software Flaws Discovered During ICS Malware Analysis
- Intel Launches New Attestation Service as Part of Trust Authority Portfolio
- Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems
- SASE Firm Cato Networks Raises $238 Million at $3 Billion Valuation
- Clorox Blames Damaging Cyberattack for Product Shortage
- Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products
Latest News
- Every Network Is Now an OT Network. Can Your Security Keep Up?
- Navigating the Digital Frontier in Cybersecurity Awareness Month 2023
- TransUnion Denies Breach After Hacker Publishes Allegedly Stolen Data
- Legit Security Raises $40 Million in Series B Financing
- Cisco to Acquire Splunk for $28 Billion
- Atlassian Security Updates Patch High-Severity Vulnerabilities
- Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade
- UK’s New Online Safety Law Adds to Crackdown on Big Tech Companies
