Manufacturer of Jack Daniel’s, Herradura & Glendronach was hacked; 1 TB of data leaked

Any kind of organization can be the victim of a cybersecurity incident. Specialists report that the American company Brown-Forman, one of the world’s leading wine and liquor companies, has been the victim of a ransomware attack in which about 1 TB of confidential data would also have been stolen.

The Kentucky-based firm owns popular brands such as Jack Daniel’s, Woodford Old Forester, Tequila Herradura, Glendronach, El Jimador, among others. Apparently the threat actors are trying to sell the compromised information.

The attack was reportedly perpetrated by Sodinokibi operators (also known as REvil), who infiltrated the company’s networks illegitimately, staying for more than a month and extracting data stored in the cloud and locally. Committed information includes sensitive employee data, company agreements, contracts, internal documents, and more.

Esta imagen tiene un atributo ALT vacío; su nombre de archivo es brownforman01.jpg
SOURCE: BleepingComputer

Through a website dedicated to leaks, threat actors posted multiple screenshots showing the compromised data, confirming their claims. The compromised information dates back to 2009, although there are more recent documents.

Esta imagen tiene un atributo ALT vacío; su nombre de archivo es brownforman02.jpg
SOURCE: BleepingComputer

In statements for BleepingComputer the company confirmed the attack, adding that data theft was a real possibility: “Unfortunately, we have reason to believe that some records were affected. We are working in collaboration with world-class cybersecurity authorities and specialists in investigating this incident,” the company spokesman said.

The company also confirmed that they have not contacted threat actors to negotiate the payment of a ransom. As reported in previous incidents, malicious hackers conduct data breach campaigns to pressure companies and force payment, although they may also look for ways to sell the stolen data on hacking forums.

This incident was detected in time by brown-Forman’s IT area, so threat actors did not have enough time to encrypt the compromised information, as a result, the firm’s operations were not affected.

Finally, the hacks continue to intimidate the company, posting new threats against it: “We believe in the prudence of BROWN-FORMAN and we are waiting for them to continue their discussion on an exit to this situation”, published the operators of REvil.