British snack company KP Snacks has confirmed that it was the target of a debilitating ransomware attack last week, which disrupted its food production and distribution.
The company said that the cyber incident, which occurred January 28, knocked out its IT and communications systems. KP Snacks also stated that it had notified both customers and suppliers.
“As soon as we became aware of the incident, we enacted our cybersecurity response plan and engaged a leading forensic information technology firm and legal counsel to assist us in our investigation,” the company said in a statement, adding that its internal IT teams are continuing to work with third-party cyber experts to assess the situation.
BetterRetailing.com reported that KP Snacks sent a letter to store owners on February 02, notifying them that due to systems being “compromised by ransomware,” it “cannot process orders or dispatch goods.”
A source told cybersecurity news site BleepingComputer that KP Snacks internal network had been compromised by threat actors, who have gained access to and encrypted sensitive files. The stolen files included employee records and financial documents, the source said.
BleepingComputer also found through leaked pages that the Conti ransomware gang claimed responsibility for the attack. Conti also shared samples of credit card statements, birth certificates, employee addresses and phone numbers, and other sensitive documents as proof of their theft.
It is currently unclear if KP Snacks is negotiating with Conti, or if it will pay the ransom.