February 3, 2024 at 04:40PM
Clorox confirmed a cyberattack in September 2023, costing $49 million in expenses. The incident led to production disruption and decreased availability of products. The company incurred expenses for third-party consulting, IT recovery, forensic experts, and professional services to investigate and remediate the attack. Recovery efforts are ongoing, and Johnson Controls International also reported a significant attack. Scattered Spider, a threat actor group, is believed to be involved in the attack.
Key takeaways from the meeting notes are:
1. Clorox suffered a cyberattack in September 2023, resulting in $49 million in expenses related to the incident.
2. The expenses primarily include third-party consulting services, including IT recovery and forensic experts, as well as incremental operating costs incurred from disruption to business operations.
3. The company is working on recovering from the attack and expects to incur decreasing costs related to the cyberattack in the future.
4. Clorox Chair and CEO, Linda Rendle, highlighted progress in the recovery plan, including rebuilding retailer inventories and focusing on driving top-line growth.
5. Johnson Controls International also confirmed a September 2023 ransomware attack, costing the company $27 million in expenses and leading to a data breach.
6. The attack on Clorox is believed to have been conducted by the hacker collective known as Scattered Spider, known for their social engineering attacks and affiliation with the BlackCat/ALPHV ransomware gang.
These takeaways provide a clear understanding of the impact of the cyberattacks on Clorox and Johnson Controls International, as well as the nature of the attackers involved.