A cyberattack earlier this month forced produce giant Dole to temporarily shut down production plants in North America and halt food shipments to grocery stores, according to a company memo about the incident obtained by CNN.
The previously unreported hack — which a source familiar with the incident said was ransomware — led some grocery shoppers to complain on Facebook in recent days that store shelves were missing Dole-made salad kits.
“Dole Food Company is in the midst of a Cyber Attack and have subsequently shut down our systems throughout North America,” Emanuel Lazopoulos, senior vice president at Dole’s Fresh Vegetables division, said in a February 10 memo to retailers.
Dole has four processing plants in the US and employs more than 3,000 people, according to a recent company press release.
Clayton Ranch Market, in the small town of Clayton, New Mexico, near the border with Oklahoma and Texas, has been short of salad kits since the beginning of last week, Jeff Russell, assistant manager of the store’s produce section, told CNN by phone on Wednesday.
A cyberattack on Dole was the cause of the salad shortage, Adam Wolfe, the store’s manager, told CNN, citing the Dole memo, which he said his store received from its wholesale grocery provider, Affiliated Foods Inc., in Texas.
Russell, the produce manager, rattled off the salad kits his store was out of on Tuesday, the most recent full day of inventory, from Dole Chopped Sesame to Dole Butter Bliss. “They [customers] are upset, but it happens,” Russell told CNN. “We can’t do nothing about it except [put in the orders].”
Mary Underwood, an employee at Stewart’s Food Store, in Olney, Texas, more than 100 miles west of Dallas, told CNN on Wednesday that the store had struggled to get Dole salads for several days. Customers started asking questions about the bare shelves, Underwood said, prompting the store to post the Dole memo about the cyberattack on its Facebook page.
It was not immediately clear how long the company had to keep production offline. A Dole spokesperson did not respond to emails and phone calls seeking comment. The Department of Homeland Security’s cybersecurity agency and the Department of Agriculture did not respond to CNN’s requests for comment.
Other high-profile hacks against the food and agriculture sector in the last two years have threatened supply chains and caused distributors to strengthen their cybersecurity.
A May 2021 ransomware attack by alleged Russian-speaking hackers forced JBS, the world’s largest meat supplier, to temporarily close factories in the US, Canada and Australia. JBS said it paid the hackers $11 million to unlock their systems.