everest attacks Reckitt Benckiser

Incident Date:

April 20, 2022

World map



everest attacks Reckitt Benckiser


Reckitt Benckiser




Kifisia, Greece

Kifisia, Greece

First Reported

April 20, 2022

Reckitt Benckiser Suffers Ransomware Attack by Everest Group

Company Overview

Reckitt Benckiser, a multinational company with a diverse workforce of approximately 40,000 people, is committed to protecting, healing, and nurturing in the pursuit of a cleaner, healthier world.

Industry Standout

As a leading player in the manufacturing sector, Reckitt Benckiser boasts a strong presence in the hygiene, health, and nutrition markets. The company's portfolio features well-known brands such as Dettol, Harpic, and Strepsils.


The specific vulnerabilities exploited in the ransomware attack by the Everest group have not been disclosed. Typically, ransomware attacks leverage weaknesses in software, outdated systems, or human error, including phishing emails or unsecured remote access.

Response and Mitigation

In response to the ransomware attack, organizations generally undertake a series of steps to mitigate the damage, recover data, and safeguard against future incidents. These measures often involve disconnecting affected systems, restoring from backups, and consulting with cybersecurity experts and law enforcement.

The ransomware attack on Reckitt Benckiser by the Everest group underscores the persistent cybercrime threat facing the manufacturing sector. It is imperative for companies to maintain vigilance and invest in comprehensive cybersecurity strategies to defend their operations and preserve customer trust.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.