U.K. Snack Manufacturer Expects Months of Delays After Ransomware Attack

Orders of top-selling snack brands from KP Snacks are on hold in the aftermath of a Conti ransomware attack that includes data theft of confidential information.

KP Snacks is a $600 million business serving the UK with popular snack brands including McCoys’s, Hula Hoops, Tyrell’s, Space Raiders, Skips, Butterkist, Pom-Bears, Nik-Naks and KP nuts.

In a notice put out via UK grocery wholesaler Nisa to its’ retailers, KP Snacks acknowledged being the victim of a ransomware attack that has left them in a state where they “cannot safely process orders or dispatch goods.”

Source: Bleeping Computer

Bleeping Computer states the snack manufacturer is listed on Conti Ransomware’s data leak page on the dark web which currently hosts “credit card statements, birth certificates, spreadsheets with employee addresses and phone numbers, confidential agreements, and other sensitive documents.”

Citing the response to the attack could result in operations being impacted until “the end of March at the earliest,” KP Snacks is laser focused on remediating the attack, which may take them (using their own estimate) two months to do so.

According to the U.S. government’s Cybersecurity & Infrastructure Security Agency (CISA), one of Conti’s initial attack vectors is often spearphishing – something KP Snack’s security precautions may not have been able to stop. Phishing emails that make it all the way to a user’s Inbox can still be stopped by educated users who have undergone continual Security Awareness Training to elevate their understanding of phishing attacks, and they role they play in both identifying and not engaging such malicious emails.

The effects of the Conti attack for KP Snacks are yet to be determined. But the ability for similar organizations to avoid being the next Conti victim is easily achieved with a proper defense in depth strategy implemented that includes Security Awareness Training.