Kellogg Corporation Admits Data Leak Linked to Vulnerability in Cleo Software
WK Kellogg Co. Suffers Cybersecurity Breach: What You Need to Know
WK Kellogg Co., the food manufacturing company, disclosed that it suffered a cybersecurity breach on December 7, 2024. The intrusion was part of a broader campaign against organisations running Cleo file transfer products and was reportedly carried out by the Clop ransomware group.
The breach involved unauthorized access to personnel files that were transferred via Cleo servers to HR service providers. One of the vulnerabilities exploited, CVE-2024-50623, allowed unrestricted file uploads and downloads, which can lead to remote code execution; the other, CVE-2024-55956, allowed unauthenticated users to import and execute arbitrary Bash or PowerShell commands on the host.
The stolen files from WK Kellogg are HR-related employee records, so the affected individuals face a heightened risk of identity theft. They should watch for warning signs (unfamiliar accounts, credit inquiries they did not initiate) and consider placing a credit freeze with the credit bureaus so that new accounts cannot be opened in their names.
Erich Kron, security awareness advocate at KnowBe4, said that zero-day flaws are extremely difficult to defend against. Cleo's October 2024 patch for CVE-2024-50623 was later found to be insufficient: systems that had applied it were still exploited.
In response to the breach, WK Kellogg is offering affected individuals one year of free identity theft protection from Kroll, including credit monitoring and fraud support. At least one employee in Maine had their name and Social Security number compromised.
The Clop ransomware group is a cybercriminal organization that primarily targets large corporations, extorting them by encrypting data and threatening to leak stolen files; WK Kellogg is suspected to be one of its victims in the Cleo campaign. The group publicly listed WK Kellogg on its dark web leak site in February.
WK Kellogg disclosed the breach on April 4, 2025. The attackers exploited known vulnerabilities in Cleo's Harmony, VLTrader, and LexiCom file transfer products. Cleo urges all customers to update to the latest patched release to prevent similar attacks.
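The practical lesson of this incident is that "a patch was applied" is not the same as "the fixed build is running": the October 2024 patch left hosts exploitable, and the version that closes the hole has to be compared numerically, not as a string. As an added example (not code from the article, WK Kellogg or Cleo), the following Python script triages a constructed inventory of hosts against a fixed-version threshold. The threshold 5.8.0.24 is taken from Cleo's advisory for CVE-2024-55956 and should be verified against the current advisory; the hostnames and versions in the sample inventory are made up.

```python
"""Added example: triage an inventory of Cleo hosts against the fixed build.

Compares installed versions of Harmony / VLTrader / LexiCom component by
component against a threshold and sorts hosts into vulnerable, patched, or
needs-review. Not code from the article or from Cleo.
"""
from dataclasses import dataclass

# ASSUMPTION: threshold taken from Cleo's advisory for CVE-2024-55956 (builds
# prior to 5.8.0.24 are affected); verify it against the current advisory.
FIXED_VERSION = "5.8.0.24"
CLEO_PRODUCTS = {"harmony", "vltrader", "lexicom"}


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '5.8.0.21' into (5, 8, 0, 21). Raises ValueError on junk."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)


def is_patched(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True if installed >= fixed, comparing component by component.

    A plain string comparison gets this wrong: '5.8.0.9' > '5.8.0.24' as text,
    so a naive check would mark an old build as patched.
    """
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))   # '5.8' is treated as 5.8.0.0
    b += (0,) * (width - len(b))
    return a >= b


@dataclass(frozen=True)
class Host:
    name: str
    product: str
    version: str


def load_inventory(csv_text: str) -> list[Host]:
    """Parse 'host,product,version' lines; blank lines and '#' comments are skipped."""
    hosts = []
    for line in csv_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = [f.strip() for f in line.split(",")]
        if len(fields) != 3:
            raise ValueError(f"malformed inventory line: {line!r}")
        hosts.append(Host(*fields))
    return hosts


def triage(hosts: list[Host]) -> dict[str, list[str]]:
    """Bucket hosts: vulnerable (below threshold), patched, or review (cannot judge)."""
    result: dict[str, list[str]] = {"vulnerable": [], "patched": [], "review": []}
    for h in hosts:
        if h.product.lower() not in CLEO_PRODUCTS:
            result["review"].append(h.name)   # not a Cleo product this check covers
            continue
        try:
            bucket = "patched" if is_patched(h.version) else "vulnerable"
        except ValueError:
            bucket = "review"                 # version string could not be parsed
        result[bucket].append(h.name)
    return result


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = """\
# host,product,version
mft-edge-01,Harmony,5.8.0.21
mft-edge-02,Harmony,5.8.0.24
mft-edge-03,VLTrader,5.8.0.9
mft-edge-04,LexiCom,5.8.0.25
mft-edge-05,LexiCom,unknown
sftp-legacy-01,OtherVendorMFT,2.1
"""

if __name__ == "__main__":
    for bucket, names in triage(load_inventory(SAMPLE_INVENTORY)).items():
        print(f"{bucket:10s} {', '.join(names) or '-'}")
```

The host on 5.8.0.21 (the October 2024 patch level) lands in the vulnerable bucket alongside the 5.8.0.9 host that a string comparison would have waved through; anything the script cannot judge goes to review rather than silently being counted as patched.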