Americold discloses cybersecurity incident to SEC

Featured image

Share this article

Americold discloses cybersecurity incident to SEC

On the brink of a massive nationwide effort to distribute long-awaited and much-needed COVID-19 vaccines, Americold — a company that specializes in providing cold storage and transportation — disclosed that it has been hit by a “cybersecurity incident.”

What does Americold do?

Based in Atlanta and with roots dating back to the American ice trade early 20th century, Americold is a logistics company that provides cold storage and supply chain management.

Today, Americold has over 185 locations and manages over 1 billion cubic feet of storage worldwide. The company is a key part of the supply chain connecting food producers, processors, distributors, and retailers to consumers.

In 2020, Americold’s infrastructure and expertise became urgently needed as COVID-19 vaccines were being developed. These vaccines need to be kept cold all the way from manufacturing to patient delivery. Pfizer’s vaccine candidate needs to be kept below minus 94 degrees Fahrenheit (or minus 70 degrees Celsius), while Moderna’s drug needs to be kept below minus 4 degrees Fahrenheit (0r minus 20 degrees Celsius).

The cold chain pharmaceutical logistics market was already seen as a growth industry before the pandemic. Now, Americold and its competitors are rushing to expand. In August, the company acquired three facilities in Florida and Texas for $107 million in cash.

What happened?

In a November 16, 2020 filing with the Securities & Exchange Commission (SEC), Americold provided a brief disclosure:

Americold Realty Trust determined that its computer network was affected by a cybersecurity incident. As a precautionary measure, the Company took immediate steps to help contain the incident and implemented business continuity plans, where appropriate, to continue ongoing operations. The Company has notified and is working closely with law enforcement, cybersecurity experts and legal counsel.

The company provided no further details about the “cybersecurity incident,” such as the method or target of the attack or what systems and information were affected.

However, Bleeping Computer reported that it was a ransomware attack that impacted numerous Americold systems, including phone, email, order fulfillment, and inventory management.

Several media outlets noted a Twitter post from a truck driver stuck waiting at an Americold facility because “their systems are down.”

“Security, in all its forms, remains a top priority at Americold, and the Company will continue to seek to take all appropriate measures to further safeguard the integrity of its information technology infrastructure, data and customer information,” Americold said in its filing.

How do I avoid ransomware attacks?

With ransomware, hackers hold your data hostage until you pay a ransom payment to release it — and there’s no guarantee the data will ever be restored or will not be sold or released. Ransomware attacks have surged this summer, including many on healthcare systems.

Because ransomware is indiscriminate in the data it affects, they should be treated as data breaches. According to the U.S. Department of Health and Human Services (HHS), that means a potential HIPAA violation for covered entities.

“Ransomware exploits human and technical weaknesses,” the department notes. Since a human is at every endpoint in a network, all companies should invest in cybersecurity training for their employees.

On the technical side, Paubox Email Suite Plus allows users to send HIPAA compliant email and provides multilayered protection for the most common vector for malware attacks, including inbound email security.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Ryan Ozawa

Read more by Ryan Ozawa

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022