Defunct produce grower, shipper, and manufacturer Growers Express recently announced a cybersecurity breach. Although the business closed in 2022 to make room for Green Giant’s Fresh products, Growers Express retained employee information. As a consequence of the breach, saved employee data may have been exposed.
The Notice of Data Breach provided to the Maine Attorney General’s office states the attack was a “sophisticated computer attack.” The threat actors accessed the old Growers Express IT environment, intending to extort money. In other words, the attack was a ransomware event; instead of encrypting files, the actors stole data.
The Maine filing lists the attack as occurring on or around May 20th, 2023. On or around October 9th, professionals discovered the attack and immediately launched an investigation alongside third-party experts. By October 31st, professionals notified those potentially impacted by the breach.
The notification letter states that employee data has been breached. Further, the Maine filing lists at least 1,700 individuals at risk following the event. Growers Express’ investigation suggests the actors were not interested in the data. The actors were more invested in the extortion plots they might have profited from.
The number of impacted files is not public; however, old employees of Growers Express should take immediate steps to protect themselves. Although the investigations are ongoing, individuals can prevent most unwanted cybercrime by implementing safeguards early.