Oreo Cookie maker says crooks Gobbled Up staff info

upnorth

Level 68
Thread author
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458
Mondelez International has warned 51,000 of its past and present employees that their personal information has been stolen from a law firm hired by the Oreo and Ritz cracker giant.

To be clear, the miscreants didn't infiltrate Mondelez's IT estate: they broke into Bryan Cave Leighton Paisner LLP's network. And as one of Mondelez's legal services providers, Bryan Cave had copies of and access to sensitive personal information belonging to current and former Mondelez workers. As the snack giant noted in its security breach notification to 51,110 individuals on Friday: "Please know that this incident did not occur on or affect Mondelez systems or networks in any way." Considering Mondelez was among the global companies hit in the NotPetya outbreak — and it recently settled its lawsuit against Zurich American Insurance Company, which it brought because the insurer refused to cover Mondelez's $100-million-plus cleanup bill — the fact that this was a third-party privacy breach probably provided a small bit of relief somewhere. Bryan Cave, we note, did not represent Mondelez in the NotPetya insurance legal battle.

While the cookie monster company is "unaware of any attempted or actual misuse of your information," it told affected employees, past and present, that the crooks accessed their social security numbers, first and last names, addresses, dates of birth, marital status, gender, employee identification numbers, and Mondelez retirement plan details.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top