Cyber Incident Victim: Hazeldenes
Date:
Feb 2022
Location:
Australia
Summary
Hazeldenes, a major Australian poultry producer, experienced a cyberattack that disrupted production across its numerous farms and processing facilities. The company immediately contained the incident, engaged external cybersecurity experts, and notified authorities, beginning a phased approach to safely restore operations. This disruption caused shortages for pubs and butchers in Victoria, impacting supply to major supermarkets and retailers. The investigation remains ongoing, with the company apologizing for the disruption and stating it will notify individuals if data was compromised. This incident is part of a recent trend of cyberattacks targeting food businesses globally, including similar events at other large producers.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 0 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Production at Hazeldenes, a major Australian poultry processor, was disrupted following the detection of a cybersecurity incident on Thursday, 19 February 2022. The company immediately initiated response measures to contain the incident, engaged external cybersecurity experts to assist, and notified relevant authorities. In an update posted on 25 February, Hazeldenes confirmed it had begun a phased approach to safely and securely restore production operations. The business, which operates farms, hatcheries, and processing facilities across more than 50 sites in Victoria, processes approximately 900,000 birds weekly and produces over 85 million kilograms of chicken annually for major supermarket chains and other retailers. While the company stated it is working with partners to restore impacted operations and understand the full scope of what happened, it has not publicly quantified the specific operational or financial impact. Australian broadcaster ABC reported that pubs and butchers in Victoria experienced chicken shortages linked to the incident, indicating a tangible supply chain disruption for some customers. Hazeldenes apologized for the disruption and any concern caused, noting that if any personal data was impacted, affected individuals would be notified as required by law. The investigation into the matter was described as ongoing, with no further technical details about the nature of the attack or the systems affected disclosed by the company at that time.
The incident at Hazeldenes occurred against a backdrop of increasing cyber threats targeting the global food and agriculture sector. The company, which sold a majority stake to private-equity firm BGH Capital in 2021 while the Hazeldene family retained a minority interest, is described as one of Australia’s largest fully integrated poultry producers, a business established in 1938. The cyberattack joined a series of similar incidents reported at other major food businesses, including Japanese group Asahi, US grocery wholesaler UNFI, a German site operated by Arla Foods, and South African poultry major Astral Foods, which issued a profit warning linked to a breach. The case also paralleled an earlier attack on Canadian meat processor Maple Leaf Foods in 2022. Hazeldenes’ public communication focused on containment, restoration, and cooperation with authorities and partners, without attributing the attack to any specific threat actor or disclosing whether a ransom demand was received. The company’s statement emphasized a cautious, phased return to production to ensure safety and security, reflecting the operational criticality of its processing facilities and the potential for prolonged disruption in a just-in-time supply chain. The reported shortages in Victoria demonstrated the immediate, real-world consequence of the IT disruption on downstream retailers and consumers, even as the full extent of data compromise or production loss remained undetailed in the public domain.