Pepsi Bottling Ventures Discloses Data Breach

Share This Post

Pepsi Bottling Ventures, the largest privately-held bottler of Pepsi-Cola products in the United States, says personal information was stolen from its systems following a malware attack.

Founded in 1943, the company operates 18 bottling and distribution facilities in North and South Carolina, Maryland, Virginia, and Delaware, and employs more than 2,300 people.

On February 10, the company started sending out notification letters to inform an unknown number of individuals that their personal information might have been compromised during a month-long data breach.

The incident, Pepsi Bottling Ventures says, was discovered on January 10, but the investigation that was launched into the matter revealed that attackers gained access to the company’s network on December 23. The unauthorized access was blocked on January 19.

While dwelling in Pepsi Bottling Ventures’ network, the attackers deployed malware and downloaded information stored on the systems they had access to, the company notes in the notification letter, a copy of which was filed with the Montana Attorney General.

Stolen personal information includes names, addresses, email addresses, financial information, Social Security numbers, driver’s license numbers, ID card and password information, benefits information, health insurance information, medical history, health and health insurance claims, and digital signatures.

The company says it has taken steps to contain the incident and improve its security, including by prompting a company-wide password reset on all employee accounts.

Pepsi Bottling Ventures did not reveal the type of malware used in the attack and it’s unclear if the attack was conducted by a ransomware group. 

SecurityWeek has emailed the company for additional clarifications on the cyberattack and will update this article as soon as a reply arrives.

Related: 20 Million Users Impacted by Data Breach at Instant Checkmate, TruthFinder

Related: 820k Impacted by Data Breach at Zacks Investment Research

Related: 25k Nissan Customers Affected by Data Breach at Third-Party Software Developer

SecurityWeek RSS Feed

Read More

More Articles
Article

Navigating SEC Regulations In Cybersecurity And Incident Response

Free video resource for cybersecurity professionals. As 2024 approaches, we all know how vital it is to keep up to date with regulatory changes that affect our work. We get it – it’s a lot to juggle, especially when you’re in the trenches working on an investigation, handling, and responding to incidents.
Article

BFU – Seeing is Believing

Oh no, the device is in BFU. This is the common reaction; a device needs extracting, and you find it in a BFU state. Often, there’s an assumption that a BFU extraction will only acquire basic information, but that isn’t always the case.

Report

Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups
  • Message this member
  • Add this member as a connection

Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.

Report

You have already reported this .