bimbo bakeries ransomware

Bread manufacturer Bimbo Bakeries today notified 560 people about a February 2024 data breach that compromised the names, Social Security numbers, and dates of birth of vendors and employees.

The notification reads, “On February 13, 2024, an affiliate of Bimbo Bakeries detected that an unauthorized third party gained remote access to a portion of the network used to process information for Bimbo Bakeries and its affiliates. An investigation confirmed that on February 13, 2024, the unauthorized third party accessed a portion of the network used to process information for Bimbo Bakeries and its affiliates, including one server used to process personal information of employees and vendors of Bimbo Bakeries, and obtained certain files containing personal information.”

Ransomware group Medusa claimed responsibility for the attack and demanded a $6.5 million ransom in exchange for not selling or publicly releasing stolen data.

Bimbo has not confirmed Medusa’s claim. We don’t yet know how attackers breached Bimbo’s network, what other systems were affected, or whether Bimbo paid the ransom. Comparitech contacted Bimbo Bakeries for comment and will update this article if it responds.

Comparitech recommends victims take advantage of the free credit monitoring offered by Bimbo via Experian. Monitor your credit report for signs of fraud.

Who is Medusa?

Medusa first surfaced in September 2019 and debuted its leak site in February 2023, where it publishes stolen data of victims who don’t pay ransoms. Medusa often uses a double-extortion approach in which victims are forced to pay twice: once to decrypt their systems, and once for not selling or publishing stolen data.

Comparitech has logged 23 confirmed attacks by Medusa so far this year, with an average ransom amount of $927,000. We recorded 40 confirmed attacks in 2023, indicating the group’s activity has increased. Medusa has claimed 85 unconfirmed attacks so far this year.

Bimbo isn’t the first seller of baked goods that Medusa has attacked. In March 2024, it added Lewis Brothers Bakery to its leak site and demanded a $1 million ransom in exchange for 116 GB of stolen data. Medusa also hacked Rosen’s Diversified, an agribusiness and food processing company, in December 2023 and demanded $100,000.

Ransomware attacks against US food and beverage companies

Ransomware attacks can disrupt operations at manufacturing companies by locking up computer systems until a ransom is paid to unlock them. Attacks can cause delays in production, distribution, and payment.

Comparitech has logged eight confirmed ransomware attacks against US food and beverage companies so far this year, affecting 22,330 records. That follows 21 attacks last year, affecting 1.4 million records.

Other food and beverage companies hit by ransomware attacks include Welch Foods Inc. (Welch’s), International Gourmet Foods, Panera Bread, DRM (Arby’s), Lagunitas Brewing Company, and Jordanos.

About Bimbo Bakeries

Grupo Bimbo is a Mexican multinational baked good manufacturer, and Bimbo Bakeries is the US arm of the company. It’s headquartered in Horsham, Pennsylvania and employs about 20,000 people, according to external sources.

Some of Bimbo’s American brands include Entenmann’s, Sara Lee, and Thomas’.