TOMRA subject to cyberattack

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,364
TOMRA has been targeted by an extensive cyberattack directly affecting some of the company’s data systems. Relevant authorities have been informed, and all available internal and external resources have been mobilized to contain and neutralize the incident.

The attack was discovered in the morning of July 16th (CET), and immediate actions were taken to stop it and mitigate consequences. We immediately disconnected some systems to contain the attack, and TOMRA is currently assessing whether customers and employees might experience reduced stability in our services. Our primary focus now is to get all systems up and running again as fast as possible.
TOMRA Cyber attack update 2
In reference to the release on 17 July 2023 regarding an extensive cyberattack against TOMRA affecting some of the company’s data systems. To contain the attack, we immediately disconnected selected services and have since disconnected others. A team of internal and external resources is working around the clock to resolve the situation, and affected systems will remain offline until it is safe to open them. No new hostile activities have been detected.

Our primary aim is to continue to deliver our services to customers, reducing the impact this attack has on them. The attack currently has limited impact on TOMRA’s customer operations. Most of TOMRA’s digital services are designed to operate offline for a certain amount of time but may have reduced functionality in the interim. A team is working to establish temporary solutions for all digital systems to support keeping costumer solutions operational over time.

Status of external services:
  • TOMRA Group: Internal IT-services and some backoffice applications remains offline and affects our supply chain management. Major office locations are offline, and employees are asked to work remotely.
  • TOMRA Collection: The reverse vending machines (RVMs) in operation are from different generations. In Europe and Asia the majority continue to work in offline mode, while a limited number of old RVMs are no longer operating. RVMs in Australia and North America remain online and fully connected.
  • TOMRA Recycling: Currently operating as usual, but some functionality is limited due to digital services being offline.
  • TOMRA Food: Currently operating as usual, but some functionality is limited due to digital services being offline.
TOMRA was founded in 1972, based on the design, manufacturing and sale of reverse vending machines (RVMs) for automated collection of used beverage containers. Today TOMRA provides technology-led solutions that enable the circular economy with advanced collection and sorting systems, and food processing by employing sensor-based sorting and grading technology.
 

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,364
July 20th Update on Cyberattack
Development since last update:
  • We have successfully started the process of establishing digital services for our Reverse Vending Machines (RVMs) on a new, independent, cloud-based platform. We started contacting some customers today to get the first batch of RVMs in Europe back online.
  • The forensics team is starting to establish a picture of the cause and nature of the attack, but we continue to investigate to identify other potential points of entry and make sure we uncover the full nature of the attack. Further information is provided below.
  • No new hostile activities have been detected.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top