Threat group threatens to spill the beans after claiming Kraft Heinz breach | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

Threat group threatens to spill the beans after claiming Kraft Heinz breach

A Russia-based ransomware group has claimed to have breached the systems and stolen data belonging to US food giant Kraft Heinz.

The Snatch ransomware group listed the company on its leak site, dating the breach to have occurred on 16 August, but only made the listing visible late last week.

Kraft Heinz is one of the largest food and beverage manufacturers in the world and is the owner of a large number of infamous food brands, including Kool-Aid, Lunchables, Capri Sun, Cool Whip, Oscar Mayer, Philadelphia Cream Cheese, and more. Eight of its owned brands have a total individual sales of over US$1 billion.

It also hires 37,000 staff across 40 countries.

The attack was reportedly on a decommissioned marketing website belonging to Kraft Heinz.

Speaking with BleepingComputer, a spokesperson from Kraft Heinz has said that the company has begun an investigation into the breach but, at this stage, has found no evidence to suggest that the website attack occurred or resulted in access to its wider systems.

“We are reviewing claims that a cyber attack occurred several months ago on a decommissioned marketing website hosted on an external platform but are currently unable to verify those claims,” the company said.

“Our internal systems are operating normally, and we currently see no evidence of a broader attack.”

Furthermore, while Snatch has listed Kraft Heinz on its dark web leak site, it failed to provide any sample data as proof of the breach, as is common practice for ransomware groups.

Snatch is one of the original dark web ransomware groups, being one of the first to use the dark web to host a leak site and leverage it for financial gain when it first emerged in 2018.

A group called “Snatch Team” emerged later in 2021, which the US Cybersecurity and Infrastructure Security Agency (CISA) claimed to be connected to the original Snatch threat actor, a claim that Snatch Team denied.

In an advisory on Snatch, CISA also said that Snatch had remained ahead of changing trends to remain effective.

“Since mid-2021, Snatch threat actors have consistently evolved their tactics to take advantage of current trends in the cyber criminal space and leveraged successes of other ransomware variants’ operations,” it said.


Click Here For The Original Source.

National Cyber Security