Cyber Incident Victim: AGCO

On May 5, 2022, AGCO Corporation, a major US agricultural machinery manufacturer, experienced a ransomware attack that disrupted operations at some of its production facilities. The company publicly disclosed the incident on May 6, confirming significant impacts to its business operations. AGCO initiated containment measures that likely involved shutting down portions of its IT infrastructure to prevent further propagation of the attack. The company's investigation remained ongoing at the time of disclosure, with no specific details released regarding the ransomware variant used or initial attack vectors. AGCO anticipated operational disruptions lasting several days or longer, depending on system restoration timelines, though the full scope of affected facilities wasn't disclosed. The agricultural equipment manufacturer emphasized that recovery would require substantial time to fully resume all services across its global operations.

AGCO, generating over $9 billion in annual revenue with 21,000 employees, owns prominent brands including Fendt, Massey Ferguson, Challenger, Gleaner, and Valtra. The attack occurred amid FBI warnings about increasing ransomware targeting of the US agriculture sector, which the agency classified as critical infrastructure. Historical context included two notable 2021 attacks against agricultural cooperatives—NEW Cooperative and Crystal Valley—that disrupted food production systems. The incident coincided with AGCO's publicized humanitarian support for Ukrainian farmers during Russia's invasion, though no threat actor claimed responsibility or provided explicit motives. Potential supply chain impacts were noted due to AGCO's market position in farm equipment manufacturing and distribution. The company maintained limited public communication following the initial disclosure, declining to provide additional details about operational recovery timelines or data compromise when contacted by media outlets.