Security Experts:

Connect with us

Hi, what are you looking for?



Ransomware Disrupts Production at Australian Beverage Company Lion

Australian beverages company Lion reported this week that its systems have been infected with a piece of ransomware that caused disruptions to manufacturing processes and customer service.

Australian beverages company Lion reported this week that its systems have been infected with a piece of ransomware that caused disruptions to manufacturing processes and customer service.

Lion is a major supplier of beer and milk in Australia and New Zealand. The company revealed on June 9 that it had shut down its IT systems as a result of a “cyber incident,” causing disruption to customers and suppliers. It then confirmed on June 12 that it was hit by ransomware.

The brewer said it was able to continue producing beer during the lockdowns triggered by the COVID-19 crisis and it had been planning on increasing production, but those plans have been delayed due to the cyberattack.

The company was forced to shut down some manufacturing sites as a result of the incident — some of them are still offline — and customers have been warned that the incident could result in “temporary shortages.”

“Our teams are working as hard as they can to service customers and suppliers, implementing new manual processes and investigating all alternative options. We recognise this is imperfect and is causing disruption to our valued partners. We also recognise this is happening at an unfortunate time as we emerge from COVID-19 restrictions,” the company stated.

“We had been hoping to have full access restored by now, but unfortunately this process is taking longer than we hoped,” Lion said on Friday.

The company claims it has found no evidence that personal, financial or other type of information has been stolen from its systems as a result of the breach, but its investigation is ongoing.

A similar statement was made recently by Australian shipping giant Toll after being hit by Nefilim ransomware, but the organization later admitted that some data was in fact stolen. The hackers who conducted the attack have already started leaking files stolen from Toll — hundreds of gigabytes of financial and other information has been made public — after the company refused to pay the ransom.

SecurityWeek has reached out to Lion to find out which ransomware family was involved in the attack. This article will be updated if the company responds.

Japanese car maker Honda was also hit by ransomware recently and the company admitted that the incident impacted production operations at some plants in the United States.

Related: Vulnerability in Mitsubishi Controllers Can Allow Hackers to Disrupt Production

Related: Australian Steel Maker BlueScope Hit by Cyberattack

Related: Researchers Analyze Entry Points, Vectors for Manufacturing System Attacks

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.


Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack