Canada’s Maple Leaf Foods , the meat and plant-based alternatives business, said on Sunday (6 November) it was the subject of a cyberattack.
Maple Leaf said in a statement yesterday “it is currently experiencing a system outage linked to a cybersecurity incident”.
The publicly-listed group added: “The company is executing its business continuity plans as it works to restore the impacted systems; however, it expects that full resolution of the outage will take time and result in some operational and service disruptions.”
Just Food contacted Maple Leaf today to confirm the current status of its food-supply operations and the potential financial impact on the multi-billion-dollar business.
“An investigation is ongoing to understand how this happened,” the company responded. “The outage is creating some operational and service disruptions that vary by business unit, plant and site.
“We do expect some disruption in our operations and service levels as we work through the restoration process, but our team is deploying our business continuity plan and implementing workarounds to mitigate the impact on our operations and business.”
In its statement, Sobeys, which also sits beside Safeway , Thrifty Foods , FreshCo and Foodland under the business umbrella, said it is “making significant progress in reducing the impact of this disruption”.
Cybersecurity threats have been a concern in the food manufacturing industry for some time, with implications for possible disruptions to supply and potential contamination of food products by attackers. JBS , the global meat supplier based in Brazil, paid US$11m last year to Russian hackers, to avoid such a scenario.
apetito , the frozen-food supplier in Germany, was also hit in June this year. And KP Snacks , the UK business owned by Germany’s Intersnack group, was the subject of a ransomware attack back in February. There have also been similar incidents across food and beverage in recent years, with companies including US brewer Molson Coors Beverage Co., Mondelez International and fast-food chain Wendy’s affected.
Research and analytics firm GlobalData pointed to incidents in 2017 at Reckitt Benckiser and Mondelez when both consumer-goods companies were infected with the NotPetya virus. The attack cost Reckitt $129m and Mondelez $188m, Just Food’s parent company noted in a report published in June.
GlobalData forecasts cybersecurity revenues generated in the consumer-goods sector will reach $6.5bn by 2025, growing at a compound annual growth rate (CAGR) of 10.6% from $3.9bn in 2020. Those revenues cover hardware, software and services, taking in areas such as firewalls and VPN appliances, data protection, and emergency incidence response.
Maple Leaf said in its statement yesterday: “Upon learning of the incident, Maple Leaf Foods took immediate action and engaged cybersecurity and recovery experts. Its team of information systems professionals and third-party experts are working diligently with all available resources to investigate the outage and resolve the situation.”
In August, Maple Leaf reported a CAD40.9m (US$30.3m) loss for the six months to 30 June, compared to a CAD56.5m profit a year earlier.
The second-quarter loss was CAD54.6m versus an CAD8.8m profit in the corresponding period. “The net loss resulted from weaker commercial performance due to cost inflation and labour challenges, as well as higher restructuring costs and start-up expenses,” Maple Leaf said.
Maple Leaf launched a review of its plant-based meat operations late last year following a run of disappointing sales. Early in 2022, the company said it was adjusting assumptions for the sector housing the Lightlife and Field Roast brands after concluding “the category will continue to grow at more modest, but still attractive rates”.
Plant-based sales dropped 5.5% to CAD85.7m in the first six months of the current financial year, compared to revenue for the group as a whole of CAD2.32bn. Meat sales were up 5.6% at CAD2.25bn.