British candy manufacturer KP Snacks is the target of a ransomware attack. Insiders say confidential data has been encrypted by ransomware from the hacker group Conti. The attack is causing chaos throughout the distribution chain.
That writes BleepingComputer. The tech site has read letters from KP Snacks to partners and spoken to employees who are aware of the events.
Fear of supply problems
KP Snacks is a company that makes and sells sweet snacks, including Pom-Bär, PopChips, Skips, Hula, Wheat Crunchies, and so on. The manufacturer is active in the United Kingdom, where more than 2,000 employees work and an annual turnover of more than $900 million. All in all, an attractive target for hackers and cybercriminals to launch cyber-attacks.
That is exactly what happened at the end of last month. In a letter to business partners, KP Snacks writes that on Friday, January 28, it discovered that the computer systems were infected with ransomware. IT staff and employees of a third-party cybersecurity company tried to estimate the scale of the attack last weekend. It is still not fully mapped.
The ransomware attack has serious consequences, not only for the company itself but also for its business partners. In recent days, they received a letter informing them of the latest developments. Due to the attack, orders have been delayed, don’t arrive or are cancelled. Supply problems may persist until the end of March.
Conti demands undisclosed ransom
Insiders confirm to BleepingComputer that the internal network has been attacked by members of the Conti group. Conti is a Ransomware-as-a-Service or RaaS service associated with the Russian hacker group Wizard Spider. Ransomware such as Ryuk, TrickBot and BazarLoader originate from this group. Universal Health Services (UHS), one of the largest hospital networks in the US, is one of the most famous victims of the Conti group. The ransomware attack cost the healthcare institution 67 million euros. Conti was responsible for 13 per cent of all ransomware attacks worldwide last year, according to security researchers.
According to the sources BleepingComputer spoke to, the hackers encrypted sensitive and confidential files. This includes the personal data of employees and financial documents. As evidence, Conti shared a number of employee home addresses and phone numbers, credit card information, birth certificates, spreadsheets and other sensitive documents, among other things.
According to DarkFeed, a Twitter channel that follows the latest developments on the dark web, KP Snacks has until next Sunday to pay the ransom. It is unknown how much the hacker group is demanding from the British snack manufacturer.
🌐 Conti (Ryuk) #Ransomware team just ransomed another huge victim 🚨
The group infiltrated and encrypted the company's network and stole a lot of data, the company is from the UK 🇬🇧 with $900 million revenue 💸
— DarkFeed (@ido_cohen2) February 1, 2022
Catch up on more articles here
Follow us on Twitter here