Agropur, one of the largest dairy cooperatives in North America, is notifying customers of a data breach after some of its shared online directories were exposed.
Although the firm said the breach does not extend to its transactional systems and hasn’t disrupted its core business operations, it launched an investigation to determine the scope and impact on clients, engaging with external cybersecurity experts and law enforcement for help.
The company processes 6.7 billion liters of milk annually sourced from 2,908 farm units and employs 7,500 people to produce milk, cheese, butter, cream, and ice cream.
With an annual revenue of $5.1 billion (USD), Agropur owns well-known brands with significant market and distribution reach like Natrel, Lucerne, Sealtest Dairy, Island Farms, and Oka.
Earlier this week, BleepingComputer received a tip about Agropur on June 25 notifying customers of the data exposure incident and the ongoing investigation.
Source: BleepingComputer
The company notes that there is currently no evidence that the exposed data has been misused.
Still, it alerted customers out of an abundance of caution and to raise awareness of the potential risks until the investigation comes to a conclusion and more details are available.
In a reply to BleepingComputer’s request for a statement, a company’s spokesperson confirmed the data exposure incident but did not provide additional info about the event due to the ongoing investigation.
“The cyber incident was limited to part of Agropur’s shared online directory and that it did not affect our transactional systems. The continuity of our operations was not affected,” stated Agropur.
“After detecting the issue, we immediately launched an investigation and took steps to address the incident, including the implementation of corrective measures to mitigate the impact,” the company spokesperson said.
“To avoid prejudicing the investigation, we will not make further comment at this time,” the Agropur representative added.
Hence, the types of exposed data and the number of impacted individuals have not been determined yet.
If you are a registered member or hold an account at Agropur or its brands’ sites, it is advisable to stay alert for phishing attempts, as the exposed data may be used in targeted attacks.