Ransomware halts Coca-Cola's $4bn fairlife dairy production
Coca-Cola has suspended all US production at its fairlife dairy unit after a ransomware attack, an incident that could materially affect the global beverage group.
Coca-Cola has temporarily halted all US production of fairlife, its ultra-filtered milk brand. The company took this step after discovering unauthorized access to its systems, including production systems.
Coca-Cola disclosed the breach to US regulators and stated it has activated its incident-response and business-continuity plans. It has engaged outside cybersecurity advisers and notified law enforcement. Operations in Canada remain unaffected.
"The full scope, nature and impacts of the incident are not yet known," Coca-Cola said. The beverage giant added that it has not yet determined whether the hack is "reasonably likely to materially affect" the company. Product quality and safety were not compromised, and the attackers were not named.
fairlife represents a major asset for Coca-Cola. The brand, which has ridden the protein boom, booked an estimated $4bn in sales in 2024. Any prolonged shutdown of its US manufacturing network would represent a significant revenue hit.
The attack highlights the vulnerable intersection of operational technology and cybersecurity in the food and beverage sector. Ransomware against food and drink firms has a track record of causing severe physical disruption. Earlier attacks on Arizona Beverages and distributor UNFI led to weeks of disruptions and empty shelves.
When ransomware hits a production line, it is not merely an IT problem. It halts manufacturing entirely. This breach adds to a long run of third-party and enterprise breaches this year, ranging from espionage campaigns to stolen vendor access.
The corporate security landscape is shifting to counter these threats. "It comes as Microsoft rebuilds its security business around AI to meet exactly this kind of threat."
For European investors in global consumer brands, the fairlife incident underscores that cyber risk has evolved. It is no longer confined to data theft, but poses a direct threat to physical supply chains and manufacturing revenue.