Apetito, the Germany-based frozen-food supplier, has revealed a cyber attack on its operations.

The privately-owned business, which serves foodservice and retail customers, has issued a brief statement indicating the impact on its operations so far.

“We currently have no access to our IT-supported systems because our servers have been attacked. For this reason, among other things, orders are currently not possible,” Rheine-based Apetito said in its statement posted online.

“Unfortunately, it is not yet foreseeable when we can be reached again. Customers can contact their responsible sales representative.

“Our top priority is to ensure supplies to clinics and retirement homes, as well as senior citizens at home by delivering replacement menus. An internal and external team of experts is working flat out on analysis and on solutions.”

In its statement, Apetito, which reportedly generated sales of more than EUR1bn (US$1.05bn) last year, did not release any details giving any indication of the nature of the cyber attack.

However, a separate statement issued by Apetito’s UK arm described the breach as “a sophisticated, criminal, cyber attack”. The UK unit revealed the incident took place on Saturday (25 June).

Paul Freeston, chair and CEO of Apetito’s operations in the UK and North America, said the company is “working all hours to bring critical systems back into operation as soon as possible.”

He added: “However, we expect significant disruption in the coming days while we address these issues. We appreciate that this situation will cause substantial inconvenience for our customers. We are doing everything we can to resolve the situation and will have a clearer understanding of timescales involved as our recovery work progresses. We are seeking to establish whether any identifiable information has been compromised.

“We are confident that credit/debit card data has not been compromised as we do not hold this on our systems. Meanwhile, we are taking every possible action to restore our service and would like to extend our sincere apologies to all our customers for the uncertainty and severe inconvenience this situation is causing them.”

In February, KP Snacks, the UK firm that is part of the Germany-based Intersnack group, was hit by a ransomware attack.

In May last year, Brazil-based meat giant JBS saw its servers supporting the company’s North American and Australian IT systems targeted by what the company called “an organised cybersecurity attack”.

Within four days, JBS announced a “resolution” to the breach, stating its factories were “fully operational”. The company said it paid “the equivalent” of US$11m to the hackers – said by the FBI to be REvil, a Russia cyber-criminal group also known as Sodinokibi – after consulting with “internal IT professionals and third-party cybersecurity experts”.

The affair followed similar incidents in recent years on US brewer Molson Coors Beverage Co., Mondelez International and fast-food chain Wendy’s.

Analysis: Talk of cybersecurity in food manufacturers’ filings has doubled in year

Analysis: How quickly is food industry filling cybersecurity roles?

Analysis: Revealed: The food manufacturers leading the way on cybersecurity