Clorox has confirmed {that a} September 2023 cyberattack has thus far price the corporate $49 million in bills associated to the response to the incident.
Clorox is an American producer of shopper {and professional} cleansing merchandise with 8,700 staff and nearly $7.5 billion in income for 2023.
On August eleventh, Clorox suffered a cyberattack that prompted important disruption within the firm’s operation, resulting in lowered manufacturing and decreased availability of shopper merchandise.
In an earnings report filed with the SEC on Thursday, Clorox disclosed it incurred $49 million in bills associated to the cyberattack by the tip of 2023.
“The prices incurred relate primarily to third-party consulting companies, together with IT restoration and forensic consultants and different skilled companies incurred to analyze and remediate the assault, in addition to incremental working prices incurred from the ensuing disruption to the Firm’s enterprise operations,” reads the Clorox 2024 Q2 Quarterly report.
The corporate has acknowledged that they’re nonetheless working to get well from the assault however expects to incur lessening prices associated to the cyberattack sooner or later.
“Our second quarter outcomes replicate sturdy execution on our restoration plan from the August cyberattack,” stated Clorox Chair and CEO Linda Rendle in an 8-Okay submitting.
“We’re rebuilding retailer inventories forward of schedule, enabling us to return to merchandising and restore distribution. Whereas there’s nonetheless extra work to do, we’re centered on executing with excellence in what stays a difficult atmosphere to drive top-line development and rebuild margin.”
Johnson Controls Worldwide additionally confirmed this week {that a} September 2023 ransomware assault price the corporate $27 million in bills, main to a knowledge breach after hackers stole company knowledge.
Assault linked to Scattered Spider
Whereas Clorox has not offered many particulars about their assault, Bloomberg reported that it’s believed to have been performed by the hacker collective generally known as Scattered Spider.
Scattered Spider is a loose-knit group of menace actors, lots of them English-speaking, who concentrate on social engineering assaults to breach an organization’s networks.
What makes Scattered Spider so uncommon is they’re additionally associates of the BlackCat/ALPHV ransomware gang, who normally solely work with Russian-speaking menace actors.
Scattered Spider has been beforehand linked to assaults on MGM, Caesars, DoorDash, and Reddit.
