Erie Meats Hit by Play Ransomware: Data Compromised in Major Cyberattack
Incident Date:
August 13, 2024
Overview
Title
Erie Meats Hit by Play Ransomware: Data Compromised in Major Cyberattack
Victim
Erie Meats
Attacker
Play
Location
First Reported
August 13, 2024
Ransomware Attack on Erie Meats by Play Ransomware Group
Erie Meats, a prominent Canadian company specializing in meat processing and food production, has recently fallen victim to a ransomware attack orchestrated by the notorious Play ransomware group. The company, headquartered in Mississauga, Ontario, operates additional facilities in Listowel and employs around 327 people. With over 750,000 square feet of production and distribution space, Erie Meats generates approximately $200 million in annual revenue.
Company Overview
Founded in 1977, Erie Meats has grown from a small processing plant in Toronto to one of Canada's largest meat processors. The company produces a wide range of meat products, including chicken, pork, turkey, and beef, catering to both retail and foodservice sectors. Their product offerings include hotdogs, sausages, deli meats, ribs, burgers, and various prepared items such as battered and breaded chicken and sous vide products. Erie Meats is known for its commitment to quality, utilizing state-of-the-art technology and high-quality raw materials in its production processes.
Attack Overview
The ransomware attack on Erie Meats has compromised private and personal confidential data, including client documents, identification information, and other sensitive details. The Play ransomware group, also known as PlayCrypt, has claimed responsibility for the attack via their dark web leak site. The group has been active since June 2022 and has targeted a diverse range of industries, including IT, transportation, construction, materials, government entities, and critical infrastructure.
About Play Ransomware Group
Play ransomware group distinguishes itself by employing various methods to gain entry into networks, including exploiting RDP servers, FortiOS vulnerabilities, and Microsoft Exchange vulnerabilities. They use tools like Mimikatz for privilege escalation and custom tools to enumerate users and computers on compromised networks. The group is known for its minimalistic ransom notes, directing victims to contact them via email without an initial ransom demand.
Potential Vulnerabilities
Erie Meats' extensive production and distribution network, coupled with its reliance on state-of-the-art technology, may have presented vulnerabilities that the Play ransomware group exploited. The group's ability to disable antimalware and monitoring solutions, along with their use of tools like Process Hacker and GMER, could have facilitated the penetration of Erie Meats' systems.
Impact and Implications
The attack on Erie Meats underscores the growing threat of ransomware to critical industries, including food production. The compromise of sensitive data not only affects the company's operations but also poses significant risks to its clients and partners. As ransomware groups like Play continue to evolve their tactics, it is crucial for companies to bolster their cybersecurity measures to mitigate such risks.
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.