Incident Report

Bittersweet Reality: The Hershey Company’s Data Breach Incident

By

By

Access Point Consulting

Overview

The Hershey Company, a renowned candy manufacturer, recently experienced a significant data breach impacting 2,214 individuals. The breach, occurring between September 3 and 4, originated from a targeted phishing attack on employee accounts. Despite the breach being promptly detected, the company is actively collaborating with a forensics team and law enforcement to assess the incident's impact.

Delving deeper into the incident, the breach resulted from a sophisticated phishing attack targeting employee accounts. I highlights the need for enhanced cybersecurity training for employees. The unauthorized access gained by the attacker may have compromised a variety of sensitive data including personal details, financial information, and health records. Fortunately, the impact of the breach was limited to a specific number of individuals, mitigating its overall effect.

Personal data such as names, birthdates, contact information, driver’s license numbers, online account credentials, health information, and financial details were potentially compromised. While there is currently no evidence of data misuse, the company is taking a cautious approach, notifying affected individuals for transparency.

Response and Recovery

The company's response to the incident has been comprehensive. The breach was promptly detected, showcasing the effectiveness of the organization's monitoring systems. Stakeholders, including affected individuals, were promptly notified to maintain transparency and caution. As of now, there is no evidence that the acquired data has been misused by an unauthorized party.

In terms of recovery, the collaboration with forensics and law enforcement to assess the situation is ongoing. The company is also assessing the expected downtime and its impact on business operations.

Mitigation

Moving forward, the Hershey Company is focused on mitigation and hardening its security measures. Employee training programs will be enhanced to elevate awareness of cybersecurity threats, with a particular focus on phishing attacks. The incident response plan will be evaluated and improved to enhance the organization's ability to address future incidents effectively. Continuous monitoring and updating of security measures will be implemented to stay ahead of emerging threats. The company aims to extract valuable lessons from this incident to inform and enhance future security practices, ensuring a more resilient cybersecurity posture.

Recommendations

To prevent similar incidents in the future, Access Point Technology has several recommendations for organizations. Employee training programs should be intensified to enhance awareness of phishing attacks. A large area of focus should be on testing employees to ensure readiness for real-life situations. Examples of phishing tests may involve emails posing as legitimate entities such as internal company communications that urge recipients to click on malicious links or provide sensitive information. Recognizing malicious emails is a critical skill emphasized in these training sessions. Participants learn to scrutinize sender addresses, check for spelling and grammar errors, and verify the legitimacy of links by hovering over them before clicking. Multi-factor authentication for online accounts should be implemented or reinforced. Regular reviews and updates of security protocols are essential to address evolving threats effectively. Finally, it’s highly recommended a team of trained cybersecurity professionals are proactively searching for threats to an organization regularly.

Resources

Trending Articles & Security Reports

Resources

CyberWatch

November 22, 2024

Patch Updates, New Malware Threats, and the Ongoing Supply Chain Battle

On this episode of the CyberWatch podcast, there are updates to software across the application and OS spectrum. New malicious campaigns are threatening victims of all sizes, and researchers have performed dissections on malware to give defenders new clues about just what it is they're fighting. All this today, in CyberWatch.

Find out more
October 25, 2024

Ransomware, Supply Chain Attacks, and Nation-State Threats

CyberWatch, by Access Point Consulting, is your weekly source for emerging cybersecurity news, regulatory updates, and threat intelligence. Backed by experts in security consulting, regulatory compliance, and security operations, Access Point enables you to manage cyber risks, respond to incidents, and drive innovation in your company. Read here or on our website; listen on Spotify or Apple Podcasts; or watch on YouTube.website; listen on Spotify or Apple Podcasts; or watch on YouTube. .

Find out more
October 7, 2024

VINs and Losses: How Hackers Take Kias for a Ride

In the age of smart cars and connected devices, convenience often comes with hidden risks. A recently discovered critical vulnerability in Kia vehicles serves as a stark reminder of how our increasingly digital world is making cars new targets for cyberattacks. This vulnerability allowed hackers to remotely control various vehicle functions—using nothing more than a car's license plate number. It highlights the growing threat of cyberattacks on connected cars and the importance of cybersecurity in the automotive industry.

Find out more