Quick Hits

Sysco Data Breach Exposes Customer, Employee Data

Food distribution company first learned of the cyberattack in March 2023.

In an internal memo sent on May 3, global food distribution company Sysco revealed that it had suffered a data breach earlier in the year when sensitive data on customers, employees, and the business, was stolen by cyberattackers.

The company said in a letter to affected individuals that it believes the network breach began on Jan. 14; Sysco became aware of the breach on March 5. "The threat actor gained access to our systems without authorization and claimed to have acquired certain data," the company stated.

Sysco disclosed the data breach in a 10-Q quarterly report with the US Securities and Exchange Commission on May 2.

Though the investigation is ongoing, Sysco said customer and supplier data in the US and Canada as well as personal information of US employees such as names, Social Security numbers, and account numbers are likely to have been impacted or stolen due to this breach.

"Sysco has begun the process of preparing to comply with its obligations with respect to the extracted data," the company stated, though the incident has not affected business operations and individuals that have been impacted by this breach have been told that there is no ongoing threat.

Sysco operates with around 71,000 employees and 333 distribution facilities globally.

Editors' Choice
Jai Vijayan, Contributing Writer, Dark Reading
Kelly Jackson Higgins 2, Editor-in-Chief, Dark Reading