WK Kellogg has notified its employees and vendors of a data breach related to the 2024 Cleo ransomware attacks, where the Clop group exploited vulnerabilities to steal company data.

WK Kellogg Co, a US-based food manufacturing company, has informed its employees and vendors about a data breach linked to the 2024 Cleo ransomware incidents, reported BleepingComputer. The breach involved the theft of company data by the Clop ransomware group. The attackers used two zero-day vulnerabilities, identified as CVE-2024-50623 and CVE-2024-55956, to gain access to servers and extract sensitive data.
“WK Kellogg learned on February 27, 2025, that a security incident may have occurred involving Cleo,” the notice reads. “WK Kellogg immediately began to investigate. We contacted Cleo, and Cleo informed us that an unauthorised person gained access on December 7, 2024, to the servers Cleo hosted for us that were used for transferring employee files to our human resources service vendors. Cleo then gave a list of the files that were on the involved servers on the day the unauthorised access occurred. The files were reviewed, and it was determined that the files contained the name and Social Security number of one Maine resident.”
On 4 April 2025, WK Kellogg sent a notification to the Maine resident affected by the breach, offering a year of complimentary credit monitoring and identity protection services. The company has also established a toll-free helpline to address any questions from those impacted.
WK Kellogg enhances vendor security measures post-breach
To enhance data protection, WK Kellogg has required vendors, including Cleo, to implement stringent security protocols. The company has collaborated with Cleo to identify and address the security deficiencies that led to the breach.
WK Kellogg, headquartered in Battle Creek, Michigan, focuses on ready-to-eat cereals and owns brands such as Frosted Flakes, Froot Loops, Raisin Bran, and Rice Krispies. The company was established in 2023 following its separation from the Kellogg Company, which was rebranded as Kellanova.
Although the US-based food company has not directly named Clop or disclosed the specifics of the data theft, the timing coincides with the December 2024 attacks. The breach notification to authorities confirmed that the compromised data included names and Social Security numbers.
The notification letter provided recipients with instructions on how to enrol in Kroll’s free one-year identity monitoring and fraud protection services. Affected individuals are encouraged to consider placing fraud alerts or a security freeze on their credit reports.
WK Kellogg has worked with Cleo to enhance security measures and prevent future breaches. The company is among several victims impacted by Clop’s Cleo zero-day attacks, with the group gradually disclosing more victims and data over time. Last month, Western Alliance Bank in Arizona reported a similar breach, affecting 22,000 customers whose personal data was compromised during an October 2024 attack on Cleo’s secure file transfer software.