The attack, which occurred in December 2024, enabled the hackers to access sensitive employee information, including names and Social Security numbers. Clop publicly disclosed the breach on February 25, 2025, via dark web channels. Two days later, WK Kellogg identified its possible involvement and began investigating the extent of the exposure.
While the total number of individuals impacted remains uncertain, reports to regulators confirm that at least four U.S. citizens were affected. Experts suspect the actual number could be much higher due to the type of data compromised and the scope of the transfer service involved.
The company officially notified authorities on April 4, 2025, and has started reaching out to affected individuals with written notices. In response, WK Kellogg is offering one year of complimentary identity theft protection and credit monitoring services through Kroll.
This incident underscores the increasing threat posed by cyberattacks targeting file transfer services. Similar vulnerabilities, such as those seen in the MOVEit software, have led to widespread data leaks in recent months.
Source: Techzine
The European Cyber Intelligence Forum is a nonprofit think tank specializing in intelligence and cybersecurity, offering consultancy services to government entities. To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net, or you can try yourself using check.website.