Monday, September 25, 2023 by Laura Harris
Clorox, a renowned California-based cleaning products company, has revealed that the “widescale” cyberattack the company experienced in August resulted in product availability issues and is expected to have a material impact on the company’s first-quarter earnings.
According to a regulatory filing made with the Securities and Exchange Commission, Clorox’s earnings would likely suffer due to “order processing delays and an elevated level of product outages” stemming from the cyberattack. The unauthorized activity had caused damage to sections of Clorox’s information technology infrastructure, resulting in a “widescale disruption” to its normal operations.
“To the extent possible, and in line with its business continuity plans, Clorox has implemented workarounds for certain offline operations in order to continue servicing its customers. However, the incident has caused and is expected to continue to cause disruption to parts of the company’s business operations,” the filing stated.
Meanwhile, security experts suspect that the cyberattack Clorox experienced was a ransomware attack. Shutting down some of Clorox’s computer systems to stop the problem suggests that harmful software might have spread through their network. Additionally, the company having trouble getting in restoring services indicates that the hackers could have locked or encrypted their files.
“Clorox doesn’t share what type of attack it is, but it sounds in line with other ransomware attacks. This is one of those ever-less-rare cases where a cyberattack impacted production in a way that can be felt by consumers,” commented Roger Grimes, a computer security expert. (Related: Ransomware attack on Dole causes SHORTAGE of salad in groceries.)
Clorox was forced to manually handle orders and processing procedures at a reduced rate because of the cyberattack, leading to “an elevated level of consumer product availability issues.” The company is still assessing the full extent of the financial and operational repercussions while working on repairing its infrastructure and reintegrating the systems that were taken offline.
While the company has resumed production at most of its manufacturing sites, it remains uncertain when it will fully recover and return to normal operations.
“It is premature for the company to determine longer-term impact, including fiscal year outlook, given the ongoing recovery,” the company stated.
Major companies like MGM Resorts International and Caesars Entertainment also reported being victims of the same modus that disrupted their operations.
MGM Resorts and Caesars fell victim to the same hacker group called the Scattered Spider, a notorious cybercriminal organization responsible for a string of cyberattacks.
Scattered Spider, also known as UNC3944, is based in the United States and the United Kingdom, with some of its members as young as 19 and many are native English speakers who excel in social engineering tactics.
The hackers have previously targeted telecommunications and business process outsourcing companies by employing techniques such as SIM swaps and phishing attacks to compromise systems and demand ransoms.
MGM Resorts experienced a computer system outage that affected its headquarters, properties and websites. The hackers even demanded ransom from the MGM. Meanwhile, Caesars revealed that an unauthorized actor had acquired data from its loyalty program database, including sensitive information such as phone numbers and Social Security numbers.
Charles Carmakal, Chief Technical Officer for Mandiant Inc., part of Google Cloud, described Scattered Spider as “one of the most prevalent and aggressive threat actors impacting organizations in the United States today.” In addition to deploying ransomware, Scattered Spider has been known to expose victims on infrastructure shared with another hacking group, ALPHV.
In the case of MGM Resorts, Scattered Spider may have collaborated with ALPHV in their cyberattack efforts. Hackers have employed ransomware attacks and data theft, stealing sensitive data and threatening to release it unless a ransom is paid.
Morgan Wright, Chief Security Adviser at SentinelOne, noted that such incidents continue to occur partly due to the limitations of cybersecurity software. He emphasized the need for more effective measures to “stop the attack before it can launch” and warned against overregulating artificial intelligence, which could potentially hinder the industry’s ability to combat cyber threats.
Check out Glitch.news for more news about cyberattacks on corporations.
Watch this video to learn more about cyberattacks.
COPYRIGHT © 2017 PRODUCTS NEWS