WK Kellogg Co., a leading North American cereal manufacturer, has confirmed a significant data breach involving its third-party vendor, Cleo, which provides secure file transfer services. The breach, orchestrated by the ransomware group CL0P, occurred on December 7, 2024, but was only discovered on February 27, 2025. This incident has raised serious concerns about the security of sensitive employee information.
Details of the Breach
The breach was executed by CL0P, a notorious ransomware group known for exploiting vulnerabilities in third-party software. In this case, they targeted Cleo’s file-sharing software, which WK Kellogg Co. utilized to transfer employee files to human resources service vendors. The compromised data included personally identifiable information (PII) such as names and Social Security numbers.
CL0P publicly disclosed the breach on February 25, 2025, adding urgency to WK Kellogg Co.’s response efforts. While the exact number of affected individuals remains uncertain, state filings indicate that at least one resident in Maine and three in New Hampshire were impacted. Given the nature of the breach, it’s plausible that more individuals across the United States may be affected.
Company Response
On April 4, 2025, WK Kellogg Co. officially filed a data breach notice with state authorities and began notifying affected individuals through written communication. The company is offering one year of complimentary identity theft protection services through Kroll, which includes credit monitoring and fraud consultation.
In collaboration with Cleo, WK Kellogg Co. has conducted a thorough investigation into the incident and is implementing enhanced security protocols to prevent future breaches. These measures include regular penetration testing, patch management, and multi-factor authentication (MFA) to secure sensitive systems.
Implications and Recommendations
This breach underscores the critical cybersecurity challenges associated with third-party vendors. Organizations must prioritize robust vendor management practices to mitigate risks, including:
– Regular Security Assessments: Conducting periodic evaluations of third-party vendors’ security measures.
– Patch Management: Ensuring that all software is up-to-date to protect against known vulnerabilities.
– Multi-Factor Authentication (MFA): Implementing MFA to add an extra layer of security to sensitive systems.
WK Kellogg Co. advises all potentially impacted individuals to:
– Monitor Credit Reports: Regularly check for unauthorized activity.
– Activate Identity Theft Protection Services: Utilize the services offered by Kroll.
– Remain Vigilant: Be cautious of phishing attacks or fraudulent communications attempting to exploit leaked personal information.
As ransomware groups like CL0P continue their campaigns against major organizations, businesses must enhance their cybersecurity measures not only within their own networks but also across their vendor relationships.
Company Overview
WK Kellogg Co., headquartered in Battle Creek, Michigan, employs approximately 3,280 people and generates annual revenues of $2.71 billion. The company is renowned for its portfolio of brands, including Frosted Flakes, Froot Loops, Raisin Bran, and Rice Krispies.
