Dairy Farmers of America confirms June cyberattack leaked personal data

Steven

Dairy Farmers of America confirms June cyberattack leaked personal data

Summary

Dairy Farmers of America (DFA) says cybercriminals breached its systems in June and exposed the personal information of 4,546 employees and cooperative members. The organisation had earlier reported ransomware affecting multiple manufacturing plants; the Play ransomware gang later claimed responsibility.

DFA’s breach notifications filed in Maine detail stolen data including names, Social Security numbers, driver’s licence or state-issued ID numbers, dates of birth, bank account numbers and Medicare/Medicaid numbers. DFA discovered the breach two days after it began and says entry was via a “sophisticated social engineering campaign.” The investigation concluded on 15 September and affected individuals will receive two years of identity protection services. DFA did not respond to requests for comment.

The Kansas-based cooperative represents about 9,500 farmer-owners, has roughly 19,000 employees and reported $24.5bn in revenue in 2022, producing around 23% of U.S. milk. The incident comes amid a notable rise in ransomware attacks on the food and agriculture sector, and follows FBI updates showing the Play gang has targeted hundreds of organisations.

Key Points

  • 4,546 people had personal data exposed in the June breach at Dairy Farmers of America.
  • Stolen data types: names, Social Security numbers, driver’s licence/state ID numbers, dates of birth, bank account numbers, Medicare/Medicaid numbers.
  • DFA detected the intrusion two days after it began; attackers used a “sophisticated social engineering campaign.”
  • The Play ransomware gang claimed the attack; the group has been linked to hundreds of incidents and is considered highly prolific.
  • DFA completed its investigation on 15 September and is offering two years of identity protection to victims.
  • The attack is part of an upward trend in ransomware hits against the food and agriculture sector in 2025.

Context and Relevance

This breach affects a major cooperative that supplies roughly a quarter of U.S. milk, so the incident matters for supply-chain stability, employee privacy and sector-wide cyber resilience. The Play gang’s continued activity and the spike in food-and-agriculture attacks underline a systemic risk for processors, farms and service providers. Policymakers have proposed measures to bolster sector defences, but legislative progress has been limited.

Why should I read this

Quick and blunt: if you work in food, ag, HR, payroll, IT or supply-chain management — pay attention. This isn’t a tiny local incident; it’s a sizeable co-op with thousands of staff and a broad farmer network. We cut through the noise so you know what was taken, how it happened, what DFA is offering victims and why the Play gang’s activity matters for the wider sector.

Source

Source: https://therecord.media/dairy-farm-leaked-info-ransomware