Kraft Heinz has confirmed that their systems are operating normally and that there is no evidence they were breached after an extortion group listed them on a data leak site.
Kraft Heinz is one of the world’s largest food and beverage companies, with over 37,000 employees operating out of 40 countries. The company owns numerous well-known brands, including Oscar Mayer, Kool-Aid, Philadelphia, Lunchables, Maxwell House, and many more.
In a post to Snatch extortion group’s data leak site dated August 16th, but not made visible until today, the threat actors claim that they breached Kraft Heinz.
When extortion groups list a company on their data leak sites, it indicates that they stole data in a cyberattack and would soon leak it if a ransom is not paid.
However, Snatch has not provided proof of the breach, with the files section devoid of screenshots of stolen data.
In a statement to BleepingComputer, Kraft Heinz said they are investigating whether a cyberattack on a decommissioned marketing website is related to Snatch’s claims but that they are not experiencing any issues on their corporate network.
“We are reviewing claims that a cyberattack occurred several months ago on a decommissioned marketing website hosted on an external platform, but are currently unable to verify those claims,” a Kraft Heinz spokesperson told BleepingComputer.
“Our internal systems are operating normally, and we currently see no evidence of a broader attack.”
Snatch, a ransomware gang which launched in 2018, was one of the first groups to set up a data leak site to use stolen data as leverage in their extortion demands.
In 2021, threat actors known as “Snatch Team” set up a new data leak site, stating that they were unaffiliated with the previous ransomware group and did not perform encryption attacks.
However, a report by CISA disputes these claims, stating that data from confirmed ransomware victims have appeared on Snatch Team’s website along with data from other ransomware operations’ attacks.