DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

B&G Foods attacked by Daixin Team; files leaked

Posted on February 12, 2023 by Dissent

B&G Foods describes itself as a “multibillion dollar company with more than 50 brands and one purpose: Delicious food from our family to yours.” Some of the California firm’s brands are Crisco, Green Giant, Cinnamon Toast Crunch, Cream of Wheat, and Vermont Maid Syrup. But a recent cyberattack by Daixin Team has allegedly resulted in the encryption of an estimated 1,000 hosts and the exfiltration of files that have now been leaked on Daixin’s dark web leak site.

Listing on Daixin leak site adds B&G Foods. Daixin's leak includes "STOLEN DATA INCLUDES:Internal documents and databases dump"
Daixin’s leak site listing claims internal documents and databases exfiltrated from B&G.

 

A spokesperson for Daixin informs DataBreaches that B&G was locked on February 4. On inquiry, Daixin’s spokesperson wasn’t sure whether they had encrypted all backups and stated that the firm could have recovered.  When asked how they had contacted B&G and whether B&G ever responded, Daixin told DataBreaches that they had left notes on the local network and sent several communications, but B&G did not appear in the chat to respond or try to negotiate.

“Maybe they don’t care about the leak, and like to restore systems the hard way,” the spokesperson added.

Inspecting the leaked files confirmed one of Daixin’s statements to DataBreaches that this wasn’t one of their more significant attacks. The leaked data does include internal company documents. However, the entire dump does not appear to have more serious or confidential corporate files, personnel files, or contractor files.

Some personnel-related files concern employee benefits, while others reveal employees’ birthdays (month and day, but not year) and cellphone numbers. Other files concerned employee benefits.

Some files, however, included sensitive employee data, as the two files below illustrate. The first is a portion of a letter sent to two healthcare professionals asking for their assessment as to whether a named employee was fit for work in light of their job duties, medical condition (severe sleep apnea), and prescribed medication.

Letter to doctor asking for fitness to work evaluation for named employee who suffers from severe sleep apnea and is on a named medication.
Request for a fitness-to-work evaluation for a named employee. The letter indicated his medical issues and prescribed medication. Redacted by DataBreaches.net

 

The second image (below) is the top portion of the first page of a confidential investigation after an incident in which a named contractor was found unconscious on a job site from what appears to have been drug abuse or overdose.

Top portion of a confidential investigative file on an incident involving a contractor found unconscious from drug use.
The top portion of a confidential and privileged report on a contractor found unresponsive on a job site. Redacted by DataBreaches.net. B&G purchased Smuckers in 2020. 

As a multibillion-dollar company, B&G could afford to pay a ransom, and their incident response is likely more attributable to a refusal to be extorted than an inability to pay. But how will they compensate employees whose personal and sensitive details have now been leaked for everyone to read?

DataBreaches sent an email inquiry to B&G yesterday asking whether the encryption had interfered with any of B&G’s functions and whether B&G could decrypt any locked files without Daixin’s decryptor or if they were able to restore from a backup. They did not reply.

This post will be updated if more information is received.

Related Posts:

  • Update: Daixin leaks more data from Bluewater Health…
  • AirAsia victim of ransomware attack, passenger and…
  • SCOOP: ista International takes systems offline in…
  • Pl: Hackers have attacked a company that provides…
  • AirAsia's parent company told to supply documents;…

Post navigation

← And two more class action settlements….
Kimmel Center, Philadelphia Orchestra websites hit by cyber attack →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • AlphV claims they have started contacting some of Tipalti’s clients (1)
  • Research: Privacy as Pretense: Empirically Mapping the Gap Between Legislative & Judicial Protections of Privacy
  • What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US.
  • On September 2nd, the U.S. branch of Great Star Industrial Co. disbursed a ransom of 1 million dollars to a ransomware group
  • Former Public School Information Technology Manager Charged with Damaging School’s Computer Network
  • Sellafield nuclear site hacked by groups linked to Russia and China
  • Hackers steal IDF patient records from cyberattack on Israeli hospital (corrected)
  • AlphV claims an attack before even alerting the victim. How will that work out for them? (1)

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net