Disruptions continue at Molson Coors

Brewing giant Molson Coors disclosed Thursday that it has experienced a “cybersecurity incident” that has disrupted operations and beer production. In a Form-8K filed with the SEC today, Molson Coors said it’s bringing in an outside forensic IT firm to investigate the breach, but that delays in shipments were likely as it works to bring its systems back online.

“The Company is working around the clock to get its systems back up as quickly as possible,” Molson Coors wrote in the filing. “Although the Company is actively managing this cybersecurity incident, it has caused and may continue to cause a delay or disruption to parts of the Company’s business, including its brewery operations, production, and shipments.”

Molson Coors wouldn’t say how many facilities were impacted. The company operates seven breweries and packaging plants in the U.S., three in Canada and 10 in Europe.

In addition to its namesake brews, its brands include Miller Lite, Pilsner Urquell and Blue Moon.

Molson Coors also wouldn’t say if the cyberattack was related to a global hack of servers running Microsoft Exchange email software. That breach has impacted small businesses, law firms, city governments and manufacturers.

It’s not the first time a major beverage maker has been targeted in a cyberattack.

  • The cyberattack, along with the consequences of a winter storm in Texas last month and ongoing pandemic shutdowns in the U.K., will negatively affect the company’s first-quarter financial results, President and Chief Executive Officer Gavin Hattersley said.
  • The cost of consultants, experts and data-recovery efforts related to the cyber incident are expected to stretch into the second quarter. The company hopes to recover some expenses through insurance claims

Sierra Wireless resumes production after ransomware attack. Certain operations at the Internet-of-Things manufacturer were disrupted after the attack, disclosed March 23. The company has started to recover internal tech systems and its website and is working with consulting firm KPMG and cyber law firm Blake, Cassels and Graydon LLP on incident response.

Speaking of the Molson Coors incident, Niamh Muldoon, global data protection officer with OneLogin, said these attacks illustrate how cyber criminals are targeting high profile organizations to interrupt key business operations and manufacturing.

“Ransomware remains a global cybersecurity threat and is the one cybercrime that has a high direct return of investment associated with it, by holding the victims’ ransom for financial payment,” said Muldoon. “On a global scale, cybercriminals will continue to focus their efforts on this revenue-generating stream. This reinforces what we’ve said before that no industry is exempt from the ransomware threat and it requires constant focus, assessment and review to ensure that critical information assets remain safeguarded and protected against it.”

Without getting into too many specifics Molson Coors mentions brewery operations, production and shipping. That covers a good portion of its day-to-day business, so the impact of the attack could be substantial. The company operates 10 brewing facilities in North America and another 10 in Europe.

In its filing, Molson Coors states that it is “actively managing” the situation and “is working around the clock to get its systems back up as quickly as possible.”

Downtime related to a cyber incident can cost companies thousands of dollars every minute. A 2017 report pegged the figure at nearly $9,000.

There’s no avoiding downtime, either. Systems must be taken offline to limit the spread of the attack and kept offline until investigation and remediation can be completed. That can take days or even weeks depending on the complexity of the attack.