WK Kellogg, a household name known for its breakfast products such as Cornflakes and Frosties, recently announced that company data was stolen in an attack in 2024. In a statement to the appropriate authorities, it was revealed that the stolen data included names and social security numbers.
The food giant only became aware on February 27, 2025, that Cleo, its provider of managed file transfer services like EDI, had been hit by a cyberattack at the end of the previous year. According to a report by Bleeping Computer, the attack was part of a large-scale data theft operation by the ransomware gang known as Clop.
The attackers reportedly exploited two zero-day vulnerabilities (CVE-2024-50623 and CVE-2024-55956) in Cleo’s system to infiltrate servers and steal data. This incident highlights the increasing sophistication and brazenness of cybercriminals targeting high-profile companies like WK Kellogg.
The security breach has raised concerns about the vulnerability of companies like WK Kellogg to cyberattacks and the importance of implementing robust cybersecurity measures to safeguard sensitive data. It also underscores the need for companies to carefully vet their third-party service providers to ensure they have adequate security protocols in place.
WK Kellogg’s response to the breach will be closely monitored by industry analysts and cybersecurity experts, as the incident could have far-reaching implications for the company’s reputation and customer trust. The disclosure of the breach is a reminder to all organizations of the critical need to prioritize cybersecurity and invest in proactive measures to prevent and mitigate such incidents.
As the investigation into the data breach continues, WK Kellogg is likely to face scrutiny from regulators and stakeholders alike. The company may also come under pressure to enhance its cybersecurity practices and take steps to prevent future breaches.
The fallout from the data breach is a stark reminder of the evolving threat landscape facing businesses in the digital age. Companies must remain vigilant and proactive in their efforts to protect against cyber threats and ensure the security of their data and systems.
Overall, the incident serves as a wake-up call to companies across industries about the urgent need to prioritize cybersecurity and take proactive measures to mitigate the risks posed by cyberattacks. As WK Kellogg works to recover from the data breach and strengthen its cybersecurity defenses, the broader business community will be watching closely to see how the company responds to this significant security incident.