The cyber attack on Lion Dairy & Drinks (LD&D) has prompted warnings other FMCG businesses could be at risk.
The industry giant, who manufactures brands such as Dairy Farmers, Pura, Vitasoy and Yoplait through LD&D has said it was hit by a “major incident” on Monday which forced the company to disable its IT systems.
The shutdown affected customers, suppliers and broader supply chains. A statement from the company said teams have been working 24//7 to reinstate operations, but some services continue to be effected.
The company (through Lion Australia) also manage a large alcohol portfolio including brands such as XXXX and Heineken and said the attack had been particularly disruptive to this arm of the business.
“This attack could not have come at a worse time for Lion, particularly for our valued pub and club customers who are in the very early stages of recovery following the COVID-19 closures. They are in the early stages of rebuilding, restocking and reengaging their staff. This has been the most devastating time on record for the hospitality industry in Australia and New Zealand,” a statement from Lion Australia said.
Parts of the business remained offline yesterday, including in customer service and LD&D has said there have been “some service misses” in customer channels for fresh dairy and juice and they were relying on manually keying and picking orders in the interim.
“We are continuing to do all we can to ensure we can service the demand of our customers and have a team of people working with customers to assist with ordering and delivery. We thank our customers, network partners, suppliers and consumers for their patience at this time. There has been no impact to the collection of milk supply from our dairy farmer partners or fruit from our orange growers,” the brand said.
The attack has prompted some security experts to issue a warning to other fast moving consumer goods (FMCG) brands to take extra precautions. Threat intelligence firm Webroot’s Security Analyst Tyler Moffitt warns no brand should consider themselves immune..
“Although the cause of the Lion Australia attack and the extent of the damage done is not known yet, it was only a matter of time before a FMCG company fell victim to cybercriminals,” Mr Moffitt said.
“Consumer goods and retail businesses have become increasingly attractive to hackers because they have access to and likely store sensitive personal data from their interactions with the everyday consumer. This personal data, which can then be used for nefarious purposes like phishing or identity theft, can fetch a high price on the dark web. Companies successfully targeted by cyber-attacks can be left feeling the effects of the disruption long after systems are restored, because it also impacts the brand’s reputation and consumer trust.”
“Additionally, the ramifications and fines of consumer privacy laws like GDPR can make it even harder. From a reputation protection standpoint, being in the spotlight for data breaches is not at all good for business. This wakeup call is an opportunity for Lion Australia and other FMCG players to re-evaluate their cybersecurity processes – more than ever, cyber resilience planning needs to be a key priority and integrated into every aspect of the business.”