Sysco Corp. has notified greater than 126,000 people that their private data was compromised in a latest cyberattack, in keeping with a press launch.
The corporate initially disclosed the incident in early Might in a Type 10-Q submitting with the Securities and Alternate Fee however stated the attackers doubtless had unauthorized entry to its programs beginning Jan. 14, 2023.
Throughout that time-frame, the corporate stated, the attackers stole firm knowledge associated to “operation of the enterprise, prospects, workers and private knowledge.”
The corporate is informing present and former workers that non-public data corresponding to names, Social Safety numbers, account numbers and different data supplied for payroll functions may need been compromised within the knowledge breach.
The letter to impacted workers says, “the menace actor gained entry to our programs with out authorization and claimed to have acquired sure knowledge.” This means that it could have been a ransomware assault.
Based on Sysco, the assault had no influence on its operational programs and associated enterprise capabilities and didn’t lead to service interruptions.