Cold storage and logistics giant Americold has confirmed that over 129,000 employees and their dependents had their personal information stolen in an April attack, later claimed by Cactus ransomware.
The April network breach led to an outage affecting the company’s operations after Americold forced it to shut down its IT network to contain the breach and “Rebuild the impacted systems.”
In notification letters sent on December 8 to 129,611 current and former employees affected by the data breach, the company revealed the attackers were able to steal some data from its network on April 26.
While multiple sources told BleepingComputer at the time that the 2020 breach was a ransomware attack, the company has yet to confirm it, and the ransomware group responsible for the November 2020 attack remains unknown.
Even though the company didn’t connect the April 2023 incident to a specific ransomware operation, the Cactus ransomware operation claimed the attack on July 21.
Toronto Public Library confirms data stolen in ransomware attack.
