Cyber Incident Victim: Ingredion Incorporated

In October 2019, Ingredion Incorporated, a global ingredients solutions provider based in Westchester, Illinois, detected suspicious activity on certain data center servers. The company identified malware infecting portions of its systems, though it did not specify the malware type or initial infection vector. Ingredion promptly engaged external cybersecurity experts to assist with containment and restoration efforts. While the company confirmed the malware incident, it disclosed no evidence of unauthorized access to customer, supplier, or employee data during its preliminary investigation. The remediation process required significant time to restore affected servers, leading Ingredion to warn stakeholders about potential operational delays. The incident disrupted transactional systems, potentially impacting business interactions with customers and suppliers during the recovery period.

The company acknowledged the complexity of restoring impacted infrastructure but did not quantify the number of affected systems or duration of downtime. Ingredion's public statement emphasized ongoing recovery efforts without confirming whether the malware encrypted files or demanded ransom, despite industry speculation linking it to ransomware campaigns like Ryuk observed in contemporaneous attacks. With annual net sales approaching $6 billion and operations spanning 120 countries, Ingredion's scale as a processor of plant-based ingredients for food and beverage industries highlighted its potential attractiveness as a cyber target. SecurityWeek contacted Ingredion for additional technical details, but no further disclosures were reported at the time of publication. The company maintained focus on system restoration while monitoring for any evidence of data compromise beyond the initial assessment.