Dairy Farmers of America confirms June cyberattack leaked personal data

The Dairy Farmers of America said cybercriminals breached company systems in June, gaining access to the information of employees and members of the cooperative.

The organization previously confirmed to the outlet Dairy Herd Management in June that multiple manufacturing plants within its network were dealing with a ransomware attack. A notorious ransomware gang took credit for the incident days after the statement was released. 

On Thursday, the organization filed breach notifications with regulators in Maine explaining that the personal information of 4,546 people was exposed during the attack. The information stolen includes names, Social Security numbers, driver's license or state-issued ID numbers, dates of birth, bank account numbers, and Medicare or Medicaid numbers.

The Kansas-based organization is a farmer-owned dairy cooperative that markets and sells milk and ancillary products produced by its 9,500 farmer-owners. It has about 19,000 employees and reported $24.5 billion in revenue in 2022, producing about 23% of all U.S. milk.

In letters to victims of the breach, the organization said it discovered that hackers breached their network two days after the attack began. The cybercriminals gained access through a “sophisticated social engineering campaign” and began exfiltrating company data that included personal information. 

The organization’s investigation into the incident was completed on September 15. Victims will be given two years of identity protection services. Dairy Farmers of America did not respond to requests for comment. 

The attack on Dairy Farmers of America was claimed by the Play ransomware gang. In June, the FBI updated its 2023 advisory on the group to say it had attacked more than 900 organizations, making it one of the most prolific ransomware gangs operating. 

After emerging in 2022, Play caused outrage over dozens of high-profile attacks that left cities like Oakland and Lowell, Massachusetts, as well as Dallas County, scrambling for days to deal with encrypted devices and troves of stolen citizen data.

Ransomware attacks on the food and agriculture industry have ramped up in the last two years, according to data from the cyber information sharing organization Food and Ag-ISAC. The industry saw 31 attacks in January and 35 in February before a dip to 18 attacks in March. The 84 attacks seen from January to March were more than double the number observed in the first quarter of 2024.

A bipartisan duo of U.S. senators introduced legislation last year to boost the cyber defenses of the agriculture and food sectors but the bill did not advance.