KP Snacks hack prompts crisp and nut supplies warning

  • Published
Photo of KP Snacks

Shops have been warned deliveries of nuts and crisps could be at risk, after KP Snacks was hit by ransomware.

In a letter to retailers, first reported by Better Retailing, the company said it "cannot safely process orders or dispatch goods".

The producer of McCoys, Hula Hoops and various varieties of nuts apologised for any disruption.

In a message quoted by Better Retailing, one wholesaler warned problems could last into March.

"Initial discussions have highlighted that no orders will be being placed or delivered for a couple of weeks at least and service could be affected until the end of March at the earliest," the wholesaler wrote.

Countdown timer

In a post on the darknet, seen by BBC News, cyber-criminals published personal documents from staff, with the company letterhead.

A countdown timer on the page warns more will be published unless a ransom is paid.

Media caption,

Watch: What is ransomware and how does it work?

Often, ransomware hackers will gain entry to a computer network, steal valuable data and then scramble the victim's copies of documents.

Ransoms are then demanded for the decryption of the data and the deletion of the hacker's copy of sensitive information.

Cyber-security response

KP Snacks, which has a factory in Billingham, said: "On Friday, 28 January, we became aware that we were unfortunately victims of a ransomware incident.

"As soon as we became aware of the incident, we enacted our cyber-security response plan and engaged a leading forensic information technology firm and legal counsel to assist us in our investigation.

"We have been continuing to keep our colleagues, customers, and suppliers informed of any developments and apologise for any disruption this may have caused."

The police advise organisations not to pay ransoms but many do.

Last June, the world's largest meat-processing company paid criminals $11m (£7.8m), for example.