Mondelez, the company behind Oreos and other products, is warning its staff that their information may have been leaked.
A data breach struck Bryan Cave Leighton Paisner LLP, a third-party law firm that was originally hired to provide legal advice to Modelez. The stolen information about staff members can include names, addresses, phone numbers, social security numbers, date of birth, marital status, retirement plan information, and employee identification numbers.
“Financial information, such as account information or credit card numbers, was not involved in this incident,” says Mondelez in a notice sent to every staff member affected by the breach.
“You may want to temporarily freeze your credit. You should be on guard for schemes where malicious actors may pretend to represent Mondelēz or reference this incident. If you have questions, please contact us.”
According to Bryan Cave, their network was compromised from Feb. 21 to March 1, 2023, and they confirmed that although sensitive information was exposed, financial information wasn’t.
“Please know that protecting your personal information is something that Mondelēz takes very seriously. Bryan Cave conducted an investigation with an outside cybersecurity forensic firm to confirm the nature and scope of the incident. Bryan Cave also notified law enforcement.”
Mondelez also tells its staff members to be aware of any suspicious or unusual activity involving their data, however, it’s more likely that malicious use of their data would go unknown for a long period of time.
Unfortunately, what caused the data breach isn’t public information. Neither Modelez nor Bryan Cave released any information on what happened, which vulnerabilities were found, or any other information.
“Please know that this incident did not occur on or affect Mondelez systems or networks in any way,” the company states. While that may not be comforting to those affected, an investigation is ongoing, with law enforcement working with the company to figure out what happened.