US food giant WK Kellogg Co is warning staff and distributors that company data was stolen during the 2024 Cleo data theft attacks.
Cleo software is a managed file transfer utility that was targeted en masse by the Clop ransomware gang at the end of last year. This attack leveraged two zero-day flaws tracked as CVE-2024-50623 and CVE-2024-55956, allowing the threat actors to breach servers and steal data.
“WK Kellogg realized on February 27, 2025, that a security incident could have occurred involving Cleo,” reads the notice.
“WK Kellogg instantly started to research. We contacted Cleo, and Cleo informed us that an unauthorized individual gained entry on December 7, 2024, to the servers Cleo hosted for us that had been used for transferring worker information to our human assets service distributors.”
WK Kellogg Co is an American food manufacturing giant split from Kellogg’s in October 2023. It has an annual revenue of $2.7 billion and owns popular cereal brands such as All-Bran, Corn Flakes, Froot Loops, and Frosted Flakes.
Although the company doesn’t specifically mention Clop or the data theft attacks, the date of the reported incidents coincides with the wave of attacks that occurred in December 2024.
Moreover, the breach notifications come soon after the Clop ransomware gang listed WK Kellogg on their data leak extortion site.
The data breach notification shared with the authorities says the exposed data includes an individual’s name and Social Security number.
The letter encloses instructions on how recipients can enroll in free one-year identity monitoring and fraud protection services through Kroll. Impacted individuals are also advised to consider placing fraud alerts or a security freeze on their credit file.
Kellogg says it worked closely with Cleo to identify the security measures it implemented to address last year’s breach and prevent similar incidents from occurring in the future.
Kellogg is the latest victim in a long list of companies impacted by Clop’s Cleo zero-day attacks, with the threat actors gradually disclosing additional victims and stolen data samples several months after the incident.
The previous disclosure came on March 18 from Arizona-based Western Alliance Bank, which informed 22,000 customers their personal data had been stolen in an October 2024 breach of Cleo’s secure file transfer software.