Pepsi Bottling Ventures says info-stealing malware swiped sensitive data • The Register
Crooks have breached Pepsi Bottling Ventures’ network and, after deploying info-stealing malware, made off with sensitive personal and financial information according to a notification sent to consumers.
The breach happened on or around December 23, 2022. However, Pepsi Bottling Ventures – America’s largest manufacturer and distributor of Pepsi-Cola beverages – didn’t discover the unauthorized activity until January 10, we’re told.
“We took prompt action to contain the incident and secure our systems,” CEO Derek Hill wrote in a breach notification letter [PDF].
The preliminary investigation determined the intruder accessed internal IT systems, installed malware and downloaded “certain information” contained on the infected systems. That information included names, home addresses, email addresses, government-issued identification including drivers license numbers, social security numbers, and passport information, according to the notification.
Additionally, crooks stole some financial information including a “limited number” of people’s passwords, PIN codes, and other access numbers, along with digital signatures, benefit and employment information, and health insurance claims and policy numbers.
“While we are continuing to monitor our systems for unauthorized activity, the last known date of unauthorized IT system access was January 19” Hill wrote, adding that Pepsi Bottling Ventures is not aware of any identity theft or other fraud involving people’s stolen data.
After discovering the breach, the fizzy biz claims it took “prompt action” to secure its IT systems, and reported the attack to law enforcement. It also has “taken a number of steps” to boost its network security in light of the breach, although we don’t have much information as to what those steps include, aside from “requiring the change of all company passwords.”
The Register reached out to Pepsi Bottling Ventures requesting more information about its new security measures, as well as the size and scope of the breach, but we’ve yet to hear back. We will update this story with additional information if we do.
To help “restore confidence” in Pepsi Bottling Ventures the company says it will…
