Edward Don, a foodservice company, was hit by a suspected ransomware attack that encrypted its network. The attack caused the company to shut down some of its operations to prevent the malware’s spread.
Owned and operated by the Don family since 1921, Edward Don and Company are one of the largest foodservice equipment and supplies distributors in the US. It sells such equipment as kitchen supplies, bar supplies, dinnerware, and flatware.
Today, it was revealed that earlier this month, Edward Don was hit by a ransomware attack that affected the company’s operations.
The email outage resulting from the incident has forced many employees to use their Gmail accounts, instead of their corporate ones, to communicate with their customers about orders and fulfillment issues.
Edward Don has not publicly acknowledged that the attack happened, but employees at the company have stated that they cannot accept orders until the systems are back online.
As Edward Don is one of the largest food distributors globally, the attack will surely cause considerable disruption in the supply chain of foodservice supplies of various establishments, including hospitals and restaurants.
Vitali Kremez, the CEO of Advanced Intel, has stated he believes the company was possibly infected by the Qbot botnet.
Qbot operators are known to provide access to compromised networks to other ransomware gangs which enables them to infiltrate a network, gather data, and ultimately deploy ransomware.
ProLock and Egregor previously partnered with Qbot to distribute ransomware. Since their shutdown, REvil ransomware gang has been using the botnet against multiple victims.
Over the past couple of months, various industries have been affected by the widespread use of ransomware. The attacks have caused significant disruption to the supply chain and critical infrastructure. Suffice to mention the attacks at the Colonial Pipeline and food producer JBS.