Molson Coors Beverage Company, the brewer behind brands such as Coors Light, Miller Lite, Molson Canadian, Blue Moon, Peroni, Killian’s, and Foster’s has filled a report to the SEC announcing that it experienced a systems outage that was caused by a cyber security incident. In the filing, the company reported that it had “engaged leading forensic information technology firms and legal counsel” to assist its investigation into the incident and was “working around the clock to get its systems back up as quickly as possible”.
Commenting on the incident, Sam Curry, chief security officer at Cybereason stated: “Unfortunately, companies in the alcohol and spirits distribution network are coming under attack. During the Covid-19 pandemic, alcohol has been a creature comfort, and it’s been a good time for business in one corner of the economy – but this puts a target square on their backs. For Molson, I recommend being transparent above all. Be clear and unified in messaging. Get help from people who specialise in crisis communications immediately and put the customers and partners right in the centre of your efforts. The public will see you as a hero or a villain in the end, not a victim. There is no victim option. So, decide what it’s going to be, and manage this appropriately. My advice, by the way, is to choose hero. It’s a better look, and your shareholders, customers and partners will stick with you for the strength and integrity.”
“Whilst Molson Coors have stated they are working hard to restore services, I’m sure an internal investigation is under way to uncover more details about the attack,” added Lewis Jones, threat intelligence analyst at Talion. “My advice to the company would be take the following steps – fully investigate the breach to confirm what information was compromised, change and strengthen login credentials and passwords, ensure any third-party clients are aware of any impact and provide advice around ensuring they stay safe and finally stay alert and monitor your accounts. To attempt to mitigate the likelihood of an attack in future the business should – keep software up to date, encrypt information, use strong login credentials/Multi Factor Authentication and stay up to date with the ever changing and diverse threat landscape. There has been a significant increase in ransomware attacks over the past 12 months, with this technique becoming increasingly popular and lucrative for threat attackers. The company should be mindful that whilst paying the ransom this provides no guarantee that the data will be deleted and won’t be published in the future.”
While the brewer has stated it is actively managing this cybersecurity incident, its filing to the SEC added that “it has caused and may continue to cause a delay or disruption to parts of the Company’s business, including its brewery operations, production and shipments.”