Coca-Cola says Fairlife ransomware attack halts U.S. dairy production

by

The Coca-Cola Company said on Wednesday that a ransomware attack on its Fairlife dairy subsidiary disrupted operations and temporarily suspended production of Fairlife products across the United States.

KEY FACTS

  • Incident Fairlife detected unauthorized access to some systems, including production-related systems, during a ransomware attack.
  • Impact U.S. production has been temporarily suspended while systems are restored.
  • Scope Canadian production operations are not currently affected.
  • Safety Coca-Cola said product quality and safety have not been affected.

In a Form 8-K filing with the U.S. Securities and Exchange Commission, Coca-Cola said Fairlife activated incident response and business continuity protocols after detecting the issue. The disclosure said outside advisors and cybersecurity experts are assisting with the investigation.

The company also notified law enforcement. The full impact of the incident is still being assessed, and it has not been determined whether the cyberattack is reasonably likely to materially affect the company.

Coca-Cola said it is working to restore affected systems and resume operations. The disclosure did not say whether data was stolen, whether an extortion demand was made, or which ransomware group was responsible.

Fairlife makes ultra-filtered milk products, protein shakes and nutrition drinks sold in the United States. No ransomware gang had claimed the attack at the time of the disclosure.

WHY IT MATTERS

The disruption shows how a cyberattack on a production system can halt manufacturing even when product safety is not affected. The incident also highlights the uncertainty companies face early in a ransomware case when the scope, data impact and financial exposure are still under review.