
Coca-Cola says its fairlife dairy unit was hit by ransomware, and has suspended all US production while it investigates.
A ransomware attack has stopped production at one of Coca-Cola’s biggest dairy brands. The company said fairlife found unauthorised access to part of its systems, including production systems, in a statement.
Coca-Cola disclosed the breach to US regulators, TechCrunch reported. US production at fairlife is “temporarily suspended.” Its operations in Canada are not affected.
What Coca-Cola has said
The company said it spotted the problem, then triggered its incident-response and business-continuity plans. It has brought in outside advisers and cybersecurity experts, and told law enforcement.
“The full scope, nature and impacts of the incident are not yet known,” Coca-Cola said. It has also not yet worked out whether the hack is “reasonably likely to materially affect” the company, Engadget noted. It added that product quality and safety were not affected, and did not name the attackers.
Why it matters
fairlife is not a side project. The ultra-filtered milk brand booked an estimated $4bn in sales in 2024, TechCrunch noted, riding the protein boom.
Ransomware against food and drink firms has a track record of biting hard. Earlier hits on Arizona Beverages and the distributor UNFI caused weeks of disruption and empty shelves. A ransomware hit on a production line is not just an IT problem. It stops the line.
A rough run for corporate security
The attack adds to a long run of third-party and enterprise breaches this year, from espionage campaigns to stolen vendor access. It comes as Microsoft rebuilds its security business around AI to meet exactly this kind of threat.

