July 17 (Reuters) – Companies worldwide are grappling with a surge in AI-driven cyberattacks and ransomware that steal sensitive data and disrupt operations
Coca-Cola-owned dairy company Fairlife, LLC, was the latest to join the list on Thursday as it temporarily suspended production operations in the U.S. on Thursday after a third party gained unauthorized access to parts of its systems
The White House said earlier in the week it was launching a coordination group bringing together AI developers and critical infrastructure operators to share information on cybersecurity vulnerabilities identified by advanced AI systems and coordinate responses
Advertisement
Here is a list of U.S. companies that have reported or been affected by cyber incidents this year
January 26 Nike Ransomware group
World Leaks said
on its website
that it had
published 1.4
terabytes of data
from Nike. The
company declined
to comment on the
specifics of its
investigation or
on whether any
ransom was paid
January 28 Bumble, Match Cyberattacks hit
Group, Crunchbase Bumble, Match
and Panera Bread Group and
Crunchbase,
Bloomberg News
reported, while
Panera Bread
disclosed an
incident involving
contact
information and
notified
authorities
February 24 Wynn Resorts Hackers obtained
employee data, the
Advertisement
company said,
prompting an
investigation,
while the
attackers demanded
the equivalent of
about $1.5 million
in bitcoin
March 11 Stryker An Iranian-linked
hacking group
claimed
responsibility for
a cyberattack on
Stryker that
disrupted order
processing,
manufacturing and
shipments
globally, wiping
remote devices
running the
Windows operating
system, though the
medical device
maker said patient
services and
connected medical
products remained
unaffected
March 12 Crunchyroll Hackers claimed
they stole
personal data and
8 million of the
subscription-based
anime streaming
service’s support
ticket records,
including 6.8
million unique
Advertisement
email addresses,
BleepingComputer
reported
March 28 Hasbro The toymaker said
it was
investigating a
cybersecurity
incident that
involved
unauthorized
access to its
network, took some
systems offline,
and warned the
disruption could
cause order
fulfillment delays
for several weeks
April 10 OpenAI OpenAI said it
identified a
security issue
after a
third-party
developer tool
called Axios
caused a GitHub
workflow to
download and
execute a
malicious version
of Axios, but said
it found no
evidence that user
data, systems or
intellectual
property were
compromised
April 13 Take-Two The ShinyHunters
Interactive’s hacking group
Rockstar Games claimed it stole
Advertisement
nearly 80 million
Rockstar Games
business records
by exploiting a
third-party breach
involving
analytics provider
Anodot. Rockstar
said only a
limited amount of
non-material
company
information was
accessed
May 4 West The medical
Pharmaceutical equipment
Services maker said a
cyberattack
involving data
theft and system
lockups disrupted
manufacturing and
logistics
operations
globally,
prompting it to
take systems
offline before
restoring
operations across
its manufacturing,
supply chain and
commercial sites
May 11 Instructure/Canvas Instructure, the
developer of
Canvas, a widely
used educational
learning
management system,
said a
Advertisement
ShinyHunters-linke
d hack disrupted
access and exposed
student and school
data from nearly
9,000
institutions,
before reaching an
agreement under
which the group
said the stolen
data was deleted
and customers
would not be
extorted
May 21 Blank Rome The law firm said
a cybercriminal
group posing as
the firm’s IT
department tricked
an attorney into
uploading files,
exposing personal
information of
57,554 current,
former and
prospective
clients, according
to a proposed
class action
lawsuit
May 27 Carnival The cruise
operator said a
social-engineering
attack compromised
an employee
account, exposing
personal
information
including names,
Advertisement
addresses and
government-issued
identification
numbers, before
the company
blocked the
unauthorized
access and
notified affected
individuals
June 11 Novo Nordisk The Wegovy maker
said unauthorized
actors copied
information from
its internal IT
systems, including
limited clinical
trial patient
data, prompting an
investigation and
the temporary
shutdown of
certain internal
systems, though it
said core
operations were
unaffected
June 15 iRhythm Holdings The medtech firm
said a threat
actor obtained
potentially
sensitive data,
including
proprietary
information and
patient health
information,
through a
social-engineering
attack on
third-party-hosted
Advertisement
business
applications and
later issued a
payment demand,
while the company
said patient care,
medical device
systems and
operations were
unaffected
June 15 AdaptHealth The company said a
“threat actor”
stole patient
information and
insurance billing
passwords after a
social-engineering
attack compromised
a third-party
contractor’s
account, gaining
access to
cloud-based
business
applications and
internal patient
management
systems
June 17 Fortinet Researchers said a
large-scale
hacking campaign
targeting Fortinet
firewall and VPN
devices
compromised about
75,000 systems
worldwide, leading
to password theft
at Fortune 500
companies and
Advertisement
government
agencies across
more than 15
countries
July 16 Coca-Cola Co The beverages
giant said
fairlife
temporarily
suspended U.S
production
operations after
unauthorized
access to parts of
its systems,
including
production-related
systems, while the
dairy company
investigated the
incident and
worked to restore
affected
operations
(Reporting by Anhata Rooprai, Sanskriti Shekhar and Neil J Kanatt in Bengaluru; Editing by Nivedita Bhattacharjee)

