Sysco, a global food distributor, fell victim to a cyberattack that resulted in the unauthorized access of sensitive personal information belonging to over 125,000 current and former employees. The breach, which occurred in January, went undetected for nearly three months before being discovered.
While Sysco did not disclose the nature of the attack or the responsible group, they confirmed that the hackers claimed to have obtained certain data.
The company has initiated an investigation in collaboration with a prominent cybersecurity firm and has informed federal law enforcement agencies. Although the breach exposed payroll-related information like names, social security numbers, and account details, Sysco is unable to determine the exact impact on each individual employee.
As a precautionary measure, affected individuals are being offered 24 months of identity protection services through Experian.
Despite the breach, Sysco assured that its operational systems and business functions were unaffected, ensuring uninterrupted customer services. The incident was reported to the U.S. Securities and Exchange Commission, with Sysco disclosing that the hackers also accessed additional company data, including information pertaining to business operations and customers.
The investigation is ongoing, and Sysco is actively preparing to fulfill its obligations regarding the compromised data.
