Multiple Systems Impacted, Including Production and Shipping Capabilities
The Molson Coors Beverage Co. reported Thursday it’s in the process of responding to an ongoing cybersecurity incident that has caused system outages throughout the brewer’s manufacturing process.
“Although the company is actively managing this cybersecurity incident, it has caused and may continue to cause a delay or disruption to parts of the company’s business, including its brewery operations, production and shipments,” Molson Coors says in a form 8-K filing with the Securities and Exchange Commission.
In the filing, the company says it has engaged leading forensic information technology firms and legal counsel to assist in the investigation. Internal IT and security teams are also working around the clock to get the systems back up as quickly as possible, the company says.
Molson Coors operates eight breweries throughout the U.S. The company did not specify which facilities are being affected by the cyber incident, exactly what type of attack is taking place nor when it expects operations to return to normal .
The brewer did not immediately respond to a request for comment.
The incident is a reminder that all organizations need to be ready to immediately mitigate and respond to unfolding cyber incidents, says Edgard Capdevielle, CEO of Nozomi Networks.
“While the company hasn’t released details, this scenario could be ransomware, and this type of situation should be factored into an organization’s incident response and business continuity plans. Beyond a technical response, decision-makers need to be prepared to weigh the risks and consequences of alternative actions,” he says.
Molson Coors manufactures more than 100 brands of beer, hard seltzer and non-alcoholic beverages, including Coors Light, Miller, Blue Moon and Molson Canadian.
Other Brewers Targeted
Other companies that make alcoholic beverage have been targeted by hackers.
The Sodinokibi – aka REvil – ransomware operation was blamed for hitting Australian brewer Lion in June 2020 with crypto-locking malware, while RagnarLocker launched a ransomware attack on Campari in November 2020.