FOOD giant KP Snacks was last night being held to ransom by Russian cyber thugs.
The brand – which produces Hula Hoops, Skips and KP Nuts – was hacked at the end of last week.
Food giant KP Snacks was last night being held to ransom by Russian cyber thugsCredit: Morrisons
They have now been given five days to pay up before highly confidential data is leaked online.
Retailers, supermarkets and pubs have been warned to expect severe delays and cancellations to deliveries.
Frantic bosses said they were not able to “safely process orders or dispatch goods” following the attack.
It is feared the devastating hit to supplies could last “until the end of March at the earliest”.
The firm has introduced a cap on orders to protect its current stocks amid fears of major shortages.
In a letter sent to retailers yesterday the firm said: “With regret we are now able to confirm that we have been the victims of a cyber attack.
“Our systems have been compromised by ransomware.
“Through the weekend our IT team and third party experts have been assessing the scale of the intrusion and continue to do so.
“As a result, at this stage, we cannot safely process orders or dispatch goods.
“We have teams working through the resolution, but it is unknown when it will be resolved.”
Russian cyber criminals have hacked KP SnacksCredit: Alamy
Famous brand: KP Snacks produces Skips – but supplies could now be delayed or cancelledCredit: Stewart Williams – The Sun
Nisa, owned by the Co-Op Group, said: “Initial discussions have highlighted that no orders will be placed or delivered for a couple of weeks at least.
“Service could be affected until the end of March at the earliest.
“Please expect supply issues on the base stock and promotions until further notice.
“In the meantime, we will max cap stock to ensure we manage what stock we do have.”
The attack was launched using the sophisticated Russian-based Conti
Ransomware Group which “wiped out” the firm’s IT and communication systems last Friday.
The software was first identified in Saint Petersburg in 2020 and is capable of affecting all versions of Microsoft Windows.
It encrypts files and uninstalls the Windows Defender application. It is also able to target specific drives as well as individual IP addresses.
Sources said KP’s sensitive files, including employee records and financial documents, had been attacked.
Pay up: Russian cyberthugs have ordered KP Snacks to pay ransom before confidential data is leaked
Last night, the Conti group claimed responsibility for the attack and shared samples of credit card statements, birth certificates, spreadsheets with employee addresses and phone numbers, confidential agreements, and other sensitive documents.
They said KP had been given five days to pay up or it would release more proprietary data on its public blog.
It is not clear if KP is currently negotiating with Conti or if it will pay a ransom.
Conti is a Ransomware-as-a-Service (RaaS) operation linked to the Wizard Spider Russian cybercrime group, also known for other notorious malware, including Ryuk, TrickBot, and BazarLoader.
The ransomware group’s affiliates breach targets’ networks after corporate devices get infected with BazarLoader or TrickBot malware, providing them remote access to the compromised system.
In recent weeks, Conti has rapidly climbed up the ranks among ransomware groups after repeatedly targeting prominent organizations.
Last month, Conti claimed responsibility for attacking Bank Indonesia, the country’s central bank, and began leaking its data.
In December 2021, Conti had breached the systems of Nordic Choice hotel group, freezing the hotel properties’ key cards.
The ransomware gang’s former targets have included Ireland’s Department of Health (DoH) and Health Service Executive (HSE), and marketing giant RR Donnelly (RRD).
The FBI have also recently issued an advisory warning of an increased number of Conti ransomware attacks.
In a statement, KP Snacks said: “On Friday, 28 January we became aware that we were unfortunately victims of a ransomware incident.
“As soon as we became aware of the incident, we enacted our cybersecurity response plan and engaged a leading forensic information technology firm and legal counsel to assist us in our investigation.
“Our internal IT teams continue to work with third-party experts to assess the situation.
“We have been continuing to keep our colleagues, customers, and suppliers informed of any developments and apologise for any disruption this may have caused.”
The latest disruption to the crisps and snacks category follows IT issues at rivals Walkers in October, resulting in gaps on shelves that lasted through to the end of December.
And in December, Spar wholesaler and store operator James Hall was also hit by severe IT issues after a cyber attack impacted more than 600 independent and centrally owned Spar stores across the north of England, forcing many to close.
KP Snacks, which also produces PopChips, Wheat Crunchies, Tyrrells, Pom Bear and Nik Naks, employs more than 2,000 people.
It’s annual revenue is estimated to be worth £450million.