Erie Meats Hit by Play Ransomware: Data Compromised in Major Cyberattack
Ransomware Attack on Erie Meats by Play Ransomware Group
Erie Meats, a prominent Canadian company specializing in meat processing and food production, has recently fallen victim to a ransomware attack orchestrated by the notorious Play ransomware group. The company, headquartered in Mississauga, Ontario, operates additional facilities in Listowel and employs around 327 people. With over 750,000 square feet of production and distribution space, Erie Meats generates approximately $200 million in annual revenue.
Company Overview
Founded in 1977, Erie Meats has grown from a small processing plant in Toronto to one of Canada's largest meat processors. The company produces a wide range of meat products, including chicken, pork, turkey, and beef, catering to both retail and foodservice sectors. Their product offerings include hotdogs, sausages, deli meats, ribs, burgers, and various prepared items such as battered and breaded chicken and sous vide products. Erie Meats is known for its commitment to quality, utilizing state-of-the-art technology and high-quality raw materials in its production processes.
Attack Overview
The ransomware attack on Erie Meats has compromised private and personal confidential data, including client documents, identification information, and other sensitive details. The Play ransomware group, also known as PlayCrypt, has claimed responsibility for the attack via their dark web leak site. The group has been active since June 2022 and has targeted a diverse range of industries, including IT, transportation, construction, materials, government entities, and critical infrastructure.
About Play Ransomware Group
Play ransomware group distinguishes itself by employing various methods to gain entry into networks, including exploiting RDP servers, FortiOS vulnerabilities, and Microsoft Exchange vulnerabilities. They use tools like Mimikatz for privilege escalation and custom tools to enumerate users and computers on compromised networks. The group is known for its minimalistic ransom notes, directing victims to contact them via email without an initial ransom demand.
Potential Vulnerabilities
Erie Meats' extensive production and distribution network, coupled with its reliance on state-of-the-art technology, may have presented vulnerabilities that the Play ransomware group exploited. The group's ability to disable antimalware and monitoring solutions, along with their use of tools like Process Hacker and GMER, could have facilitated the penetration of Erie Meats' systems.
Impact and Implications
The attack on Erie Meats underscores the growing threat of ransomware to critical industries, including food production. The compromise of sensitive data not only affects the company's operations but also poses significant risks to its clients and partners. As ransomware groups like Play continue to evolve their tactics, it is crucial for companies to bolster their cybersecurity measures to mitigate such risks.
Disclaimer
The Halcyon Attacks Lookout Database is compiled using publicly available information based on the hosting choices of real-world threat actors and data from a variety of trackers. This information is provided in accordance with principles of fair use. Halcyon has made reasonable efforts to sanitize and verify the data; however, we do not guarantee the accuracy, completeness, or reliability of the information provided. Updates to the database are made as new source data becomes available from reputable sources. By accessing, viewing, or using the information within the Halcyon Attacks Lookout Database, you acknowledge and agree to do so entirely at your own risk. No reliance should be placed upon the information for decision-making, and Halcyon disclaims all liability for any inaccuracies or omissions in the data.
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!