Unknown threat actors got into Pepsi Bottling Ventures LLC’s network and installed info-stealing malware, extracting sensitive information from its IT systems. According to a sample security incident notice filed with the Montana Attorney General’s office, the company was breached on December 23, 2022, and the intrusion was detected 18 days later, on January 10.
It took until January 19 for the company to kick out the intruders from its network. According to the company’s internal investigation, the following data was accessed by the intruders till then:
- Full names
- Home addresses
- Financial account information (including any saved passwords, access codes and PINs)
- ID cards
- State or Federal government-issued IDs and driving licenses
- Social Security Numbers
- Passport information
- Digital signatures
- Employment and employee benefit information, including any health insurance claims and medical records.
While the company claims that a review of the situation is still underway, all affected systems have been removed from the active network infrastructure, and additional network security measures have been implemented. Company passwords have also been reset, and law enforcement agencies have been promptly notified of the breach.
It’s still unknown what nature of malware infected the company’s network or what exactly the threat actors were after. As mentioned before, the intruders themselves are unknown at the moment as well. As for the impacted users, PBV is offering a year’s worth of identity monitoring services from Kroll.
The Kroll services on offer include credit monitoring, a current credit report, Web Watcher, Public Persona, Quick Cash Scan, identity fraud loss reimbursement of up to $1 million, fraud consultation as well as identity theft repair. The company isn’t aware of any identity theft or fraud incidents arising from this breach at the time of writing.