The ransomware incident that affected Herbapol-Lublin is another wake-up call for food companies in Poland. While for years it was the financial and energy sectors that remained the focus of cybercriminals, today food processing companies – especially those with large reach, extensive supply chains and IT infrastructures reliant on automation – are increasingly on target.
Herbapol has confirmed that it was the victim of an encryption software attack. The criminals demanded a ransom of $900,000. The company has not bowed to the pressure, has implemented crisis procedures and is working with specialised services and technology partners. It has reported the incident to the CBZC and UODO, among others. The company’s online shop remains inaccessible – preemptively, due to the potential leakage of customer data.
“The company “Herbapol-Lublin” S.A. fell victim to an organised cyber-attack using malware. As a result of the attack, there was a temporary loss of accessibility to part of the IT systems. The company immediately implemented security procedures, initiated corrective actions and cooperated with specialised services and technology partners. In accordance with data protection regulations, the incident was reported to:
- Central Office for Combating Cybercrime,
- CERT Polska (NASK),
- President of the Office for the Protection of Personal Data.
Our priority is to fully restore the functioning of the systems and ensure the highest standards of data security.” – Herbapol’s official announcement said.
The technical details of the attack are not known, but its scale – paralysis of parts of systems and loss of access to data – points to an advanced operation, probably using so-called double extortion: encryption of data combined with the threat of making it public. The lack of information about the source of the attack and the entry vector makes it difficult to draw wider conclusions, but knowing the patterns of ransomware groups, we can assume that it was a case of exploiting a software vulnerability or user error.
The food and beverage industry is becoming more dependent on technology every year. Digital systems that control production, warehousing and distribution, integrated with ERP systems and online sales, create complex environments – attractive to cyber criminals and often poorly protected. Reports from Check Point and IBM Security show that the food and beverage sector has experienced an increase of up to 70% in ransomware incidents in the last two years.
The attack on Herbapol is a reminder that cyber security in the food industry can no longer be treated marginally. Even a short operational downtime can mean serious financial losses, supply disruptions, as well as legal consequences related to personal data breaches. For the industry as a whole, it is a wake-up call to review systems, procedures and IT security budgets.
