{
	"id": "5504e4ea-fbfa-4b85-aa06-edda4bb801ab",
	"created_at": "2026-04-06T00:16:00.326379Z",
	"updated_at": "2026-04-10T13:12:15.259805Z",
	"deleted_at": null,
	"sha1_hash": "f15bcf0070bd3fe959fe566936a0ab3c0955de64",
	"title": "Food giant WK Kellogg discloses data breach linked to Clop ransomware",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1293071,
	"plain_text": "Food giant WK Kellogg discloses data breach linked to Clop ransomware\r\nBy Bill Toulas\r\nPublished: 2025-04-07 · Archived: 2026-04-05 14:45:21 UTC\r\nUS food giant WK Kellogg Co is warning employees and vendors that company data was stolen during the 2024 Cleo data\r\ntheft attacks.\r\nCleo software is a managed file transfer utility that was targeted by the Clop ransomware gang en masse at the end of last\r\nyear. This attack leveraged two zero-day flaws tracked as CVE-2024-50623 and CVE-2024-55956, allowing the threat\r\nactors to breach servers and steal data.\r\n\"WK Kellogg learned on February 27, 2025, that a security incident may have occurred involving Cleo,\" reads the notice.\r\nhttps://www.bleepingcomputer.com/news/security/food-giant-wk-kellogg-discloses-data-breach-linked-to-clop-ransomware/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/food-giant-wk-kellogg-discloses-data-breach-linked-to-clop-ransomware/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\n\"WK Kellogg immediately began to investigate. We contacted Cleo, and Cleo informed us that an unauthorized person\r\ngained access on December 7, 2024, to the servers Cleo hosted for us that were used for transferring employee files to our\r\nhuman resources service vendors.\"\r\nWK Kellogg Co is an American food manufacturing giant split from Kellogg's in October 2023. It has an annual revenue of\r\n$2.7 billion and owns popular cereal brands such as All-Bran, Corn Flakes, Froot Loops, and Frosted Flakes.\r\nAlthough the company does not specifically mention Clop or the data theft attacks, the date of the reported incidents\r\ncoincides with the wave of attacks that occurred in December 2024.\r\nFurthermore, the breach notifications come soon after the Clop ransomware gang listed WK Kellogg on their data leak\r\nextortion site.\r\nThe data breach notification shared with the authorities says the exposed data includes a person's name and social security\r\nnumber.\r\nThe letter encloses instructions on how recipients can enroll in a free one-year identity monitoring and fraud protection\r\nservices through Kroll. Impacted individuals are also recommended to consider placing fraud alerts or a security freeze on\r\ntheir credit file.\r\nKellogg says it worked closely with Cleo to identify the security measures it implemented to address last year's breach and\r\nprevent similar incidents from occurring in the future.\r\nKellogg is the latest victim of a long list of companies impacted by Clop's Cleo zero-day attacks, with the threat actors\r\ngradually disclosing additional victims and stolen data samples several months after the incident.\r\nThe previous disclosure came on March 18 by Arizona-based Western Alliance Bank, which informed 22,000 customers\r\ntheir personal data had been stolen in an October 2024 breach of Cleo's secure file transfer software.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nhttps://www.bleepingcomputer.com/news/security/food-giant-wk-kellogg-discloses-data-breach-linked-to-clop-ransomware/\r\nPage 3 of 4\n\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/food-giant-wk-kellogg-discloses-data-breach-linked-to-clop-ransomware/\r\nhttps://www.bleepingcomputer.com/news/security/food-giant-wk-kellogg-discloses-data-breach-linked-to-clop-ransomware/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/food-giant-wk-kellogg-discloses-data-breach-linked-to-clop-ransomware/"
	],
	"report_names": [
		"food-giant-wk-kellogg-discloses-data-breach-linked-to-clop-ransomware"
	],
	"threat_actors": [],
	"ts_created_at": 1775434560,
	"ts_updated_at": 1775826735,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/f15bcf0070bd3fe959fe566936a0ab3c0955de64.pdf",
		"text": "https://archive.orkl.eu/f15bcf0070bd3fe959fe566936a0ab3c0955de64.txt",
		"img": "https://archive.orkl.eu/f15bcf0070bd3fe959fe566936a0ab3c0955de64.jpg"
	}
}