Nestlé Denies Ransomware Attack, Claims Data Leak from Test Website

Nestlé, the world's largest food group by market cap, has denied a recent claim by the hacking collective Anonymous that it suffered a cyberattack and had 10GB of data, including emails, passwords, and client information, leaked. The company stated that the data in question was not stolen but was instead made accessible online for a short period of time on a single business test website in February.

Nestlé's denial of a cyberattack comes after Anonymous threatened companies that have continued to do business in Russia following the invasion of Ukraine, including Nestlé, Cargill, Subway, Burger King, General Mills, Bridgestone, Koch, Chevron, and others. The group had given these companies 48 hours to withdraw from Russia or face cyberattacks.

The company's spokesperson clarified that the data leak was not a result of a cyberattack but was related to a case from February when some randomized and predominantly publicly available test data of a business-to-business (B2B) nature was made accessible unintentionally online for a short period of time on a single business test website. Nestlé quickly investigated and no further action was deemed necessary.

Nestlé has been under pressure to withdraw from Russia due to its continued operations in the country, with Ukrainian President Volodymyr Zelenskyy singling out the company in a speech to protesters in Bern. The company has faced criticism for its decision to keep "essential" food items such as infant formula and products earmarked for humanitarian relief in Russia while suspending the sale of popular snack and beverage brands like Nesquik and Kit Kat.

Despite the denial of a cyberattack, Nestlé has been proactive in addressing cybersecurity concerns. The company has made cybersecurity one of its top priorities and continuously monitors the IT landscape to ensure it stays cybersecurity-resilient.

Sources

• Did Anonymous Carry Out a Cyber Attack on Nestlé? Company Claims Data Leak Was Internal
• Nestlé: Data Leaked by Accident, Not Hacked
• Nestlé Anonymous leak: Food giant denies hack, saying it accidentally leaked data