{
	"id": "38abd8ec-550e-4cde-9583-389667bea6d0",
	"created_at": "2026-04-06T00:09:05.729717Z",
	"updated_at": "2026-04-10T03:21:07.403864Z",
	"deleted_at": null,
	"sha1_hash": "391126353edb0be143e8ed4770877154565b4a3f",
	"title": "U.S. spirits and wine giant hit by cyberattack, 1TB of data stolen",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 2693195,
	"plain_text": "U.S. spirits and wine giant hit by cyberattack, 1TB of data stolen\r\nBy Ionut Ilascu\r\nPublished: 2020-08-15 · Archived: 2026-04-05 21:34:01 UTC\r\nBrown-Forman, one of the largest U.S. companies in the spirits and wine business, suffered a cyber attack. The intruders\r\nallegedly copied 1TB of confidential data; they plan on selling to the highest bidder the most important info and leak the\r\nrest.\r\nHeadquartered in Louisville, Kentucky, the company holds world-known whiskey and scotch brands like Jack Daniel's,\r\nWoodford, Old Forester, Collingwood, Glenglassaugh, and Glendronach; Herradura, El Jimador, and Pepe Lopez tequila;\r\nFinlandia vodka, and Sonoma-Cutrer wines.\r\nDocuments old and new, backups\r\nSodinokibi (REvil) ransomware operators announced on Friday that they had compromised Brown-Forman's computer\r\nnetwork and spent more than a month examining user services, cloud data storage, and general structure.\r\nhttps://www.bleepingcomputer.com/news/security/us-spirits-and-wine-giant-hit-by-cyberattack-1tb-of-data-stolen/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/us-spirits-and-wine-giant-hit-by-cyberattack-1tb-of-data-stolen/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nFollowing the incursion, the attackers claim they stole 1TB of data that includes confidential information about employees,\r\ncompany agreements, contracts, financial statements, and internal correspondence.\r\nIn a post on their leak site, REvil published multiple screenshots with directory trees, files with names that appear to support\r\ntheir claims, and internal conversations between some employees. The pics show documents dating as far back as 2009.\r\nThe actor also published screenshots of database backup entries as recent as July 2020, suggesting that the intruder had\r\nplenty of time to roam the network.\r\nRansomware failed to encrypt devices\r\nThe company confirmed the attack for BleepingComputer, adding that there is a strong suspicion that data was stolen from\r\ntheir systems.\r\n\"Unfortunately, we believe some information, including employee data, was impacted. We are working closely with law\r\nenforcement, as well as world-class third-party data security experts, to mitigate and resolve this situation as soon as\r\npossible,\" the Brown-Forman spokesperson told us.\r\nAt this moment, there are no active negotiations with the attacker, the company told BleepingComputer. Leaking and\r\nauctioning the files is an attempt from REvil to squeeze Brown-Forman into paying a ransom. In exchange, the actor\r\npromises to delete all copies of the data and not use it in the future.\r\nhttps://www.bleepingcomputer.com/news/security/us-spirits-and-wine-giant-hit-by-cyberattack-1tb-of-data-stolen/\r\nPage 3 of 4\n\nAlthough the final step in a ransomware attack is to encrypt data, REvil did not get to deploy this routine. Brown-Forman\r\ndetected the attack and stopped it before data was locked, a company representative told BleepingComputer.\r\n\"Brown-Forman was the victim of a cybersecurity attack. Our quick actions upon discovering the attack prevented our\r\nsystems from being encrypted\" - Brown-Forman spokesperson\r\nREvil is now beating the drum about this data trove hoping that they would force a payment or get a higher price in an\r\nauction. They say that it contains details about the company's corporate clients and could be useful for investors and\r\ncompetition.\r\n\"We still believe in the prudence of BROWN-FORMAN and are waiting for them to continue their discussion of a way out\r\nof this situation\" - REvil posted.\r\nBrown-Forman, however, does not seem willing to restart discussions with REvil:\r\n\"Protecting the privacy and security of personal information is extremely important to us. The Company deeply regrets any\r\ninconvenience or concern this may cause. Keeping information secure is a priority for Brown-Forman. We know this news\r\ncomes at an already challenging time and may be disconcerting given the uncertainty of the situation.\"\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/us-spirits-and-wine-giant-hit-by-cyberattack-1tb-of-data-stolen/\r\nhttps://www.bleepingcomputer.com/news/security/us-spirits-and-wine-giant-hit-by-cyberattack-1tb-of-data-stolen/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/us-spirits-and-wine-giant-hit-by-cyberattack-1tb-of-data-stolen/"
	],
	"report_names": [
		"us-spirits-and-wine-giant-hit-by-cyberattack-1tb-of-data-stolen"
	],
	"threat_actors": [],
	"ts_created_at": 1775434145,
	"ts_updated_at": 1775791267,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/391126353edb0be143e8ed4770877154565b4a3f.pdf",
		"text": "https://archive.orkl.eu/391126353edb0be143e8ed4770877154565b4a3f.txt",
		"img": "https://archive.orkl.eu/391126353edb0be143e8ed4770877154565b4a3f.jpg"
	}
}