Cyber Incident Victim: Fresh Del Monte Produce
Date:
Jan 2023
Location:
United States of America
Summary
Fresh Del Monte Produce experienced a cyberattack involving unauthorized access to its network, compromising sensitive employee information including names, Social Security numbers, driver's license and passport details, financial account data, and protected health information. The company initiated an investigation, took systems offline to contain the breach, and later confirmed that unauthorized parties accessed files containing confidential personnel records. Following a review of affected data, notification letters were distributed to impacted individuals, though the organization maintained that no consumer data was leaked as a result of the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 13, 2023, Fresh Del Monte Produce, Inc. detected potential unauthorized access to segments of its corporate network, prompting an immediate internal investigation and precautionary measures to isolate affected systems by taking them offline. The Coral Gables-based global fruit and vegetable producer confirmed through its investigation that an external threat actor had infiltrated certain network sections containing confidential employee data. While the company initially asserted no consumer information was compromised in its Massachusetts Attorney General filing, the subsequent review revealed unauthorized exposure of current and former employees' personally identifiable information (PII) and protected health data. The compromised records included full names, Social Security numbers, government-issued identification details (driver's licenses and passports), financial account credentials, and sensitive health information. Fresh Del Monte's forensic team completed analysis of the breached files on April 25, 2023, verifying both the scope of data exposure and the specific individuals impacted across its workforce of over 40,000 employees.
The organization formally notified Massachusetts authorities of the breach on May 16, 2023, through the state's mandatory regulatory filing process, simultaneously initiating direct mail notifications to affected personnel worldwide. This disclosure timeline reflected a 122-day period from intrusion detection to public notification, during which the company conducted system audits and implemented containment protocols to prevent further unauthorized access. The incident exposed vulnerabilities in Fresh Del Monte's data security infrastructure, particularly regarding protection of employee records within its $4.4 billion revenue enterprise. While operational disruptions occurred from taking systems offline, the company maintained business continuity across its fresh produce, beverage, and snack product lines throughout the investigation. No ransomware claims or explicit threat actor motives were disclosed in regulatory filings, with the breach's technical entry vectors remaining unspecified in available public documentation.