A cyberattack has disrupted operations at Mackay Sugar, Australia’s second-largest raw sugar producer, forcing the shutdown of its Farleigh and Racecourse mills in Queensland and bringing harvesting operations to a standstill. The incident, which occurred just days into the 2026 crushing season, halted sugar milling, cane haulage, and harvesting activities across one of the country’s most significant cane-growing regions, with growers instructed to cease harvesting while the company works to restore affected systems.
The disruption highlights the growing cyber risks facing food and agriculture supply chains, where OT (operational technology) and logistics systems increasingly interconnect. Mackay Sugar said it is working with cybersecurity specialists and authorities to investigate the incident and safely resume operations. The company’s network supports approximately 1,300 predominantly family-owned farms that supply its mills, raising concerns about the broader economic impact on growers and regional agricultural production if the outage persists.
“Mackay Sugar is responding to a cyber security incident affecting some of our operations,” the company said in a statement this week. “Our immediate focus is the safety of our people, protecting operational systems, and maintaining business continuity. We have engaged specialist cyber security experts and are working closely with relevant authorities to investigate the incident and restore systems safely.”
It added that interim processes are in place to support critical business functions and minimise disruption where possible.
Advocacy group Canegrowers confirmed on Wednesday the incident had shut down sugar milling and cane haulage across the Farleigh and Racecourse mills just outside Mackay, both of which had started crushing within the past week.
Mackay Sugar said it is “communicating directly with our employees, growers and key partners and will continue to provide updates as more information becomes available,”
The statement added, “We take our responsibility to protect our systems, operations and information very seriously. We apologise for any disruption or uncertainty this incident may cause and we will provide timely updates as we continue our investigation.”
In March, the Food and Ag-ISAC reported facing sustained and increasingly sophisticated cyber pressure, with 72 active threat actors identified from a pool of more than 330 monitored adversaries. The analysis, powered by the Predictive Adversary Scoring System (PASS), highlights that both nation-state groups and financially motivated cybercriminals are consistently targeting the farm-to-table supply chain, using a mix of persistence, technical sophistication, and clear strategic intent to exploit sector vulnerabilities.
