WK Kellogg Co, a prominent American food manufacturer, has notified employees and vendors of a significant data breach that occurred in connection with the Cleo file transfer software. The breach, which was first discovered on February 27, 2025, involved unauthorized access to sensitive data due to two zero-day vulnerabilities exploited by the Clop ransomware gang at the end of last year.
The breaches, linked to the vulnerabilities tracked as CVE-2024-50623 and CVE-2024-55956, allowed attackers to compromise servers managed by Cleo. According to a company notice, Cleo confirmed that an unauthorized individual gained access to their servers on December 7, 2024, which were utilized for transferring employee files to human resources service vendors. The details of the breach were shared in a notification sent to the authorities.
The data breach has severe implications, as it exposes sensitive information such as names and social security numbers of individuals. WK Kellogg has taken steps to mitigate the impact, offering affected individuals a one-year subscription to identity monitoring and fraud protection services through Kroll. They have also recommended placing fraud alerts or a security freeze on credit files.
In an effort to bolster security, Kellogg has indicated that they are working closely with Cleo to implement improved security measures to prevent similar incidents in the future. The company, which split from Kellogg’s in 2023, has an annual revenue of approximately $2.7 billion and is known for popular cereal brands including All-Bran, Corn Flakes, Froot Loops, and Frosted Flakes.
This breach is part of a troubling trend, as WK Kellogg becomes the latest entity affected by Clop ransomware, adding their name to a growing list of victims targeted by this cybercriminal group. Earlier reports indicated that Western Alliance Bank faced a data breach affecting 22,000 customers due to the same vulnerabilities in Cleo’s software.