![Breached [dot] blog](https://breached.blog/wp-content/uploads/2025/03/logo-3.png){kind=logo}
Arla Foods, a significant international dairy producer and farmer-owned cooperative with a global presence, recently confirmed a system disruption impacting one of its facilities. The company, known for brands like Arla, Lurpak, Puck, Castello, and Starbucks, sells its products in 140 countries worldwide.
Specifically, Arla Foods confirmed to BleepingComputer that it was targeted by a cyber attack. This incident led to a disruption of its production operations. According to an Arla spokesperson, they identified “suspicious activity at [their] dairy site in Upahl that impacted the local IT network”.
As a direct result of this incident, production was temporarily affected due to initiated safety measures. The attack’s impact was limited to the production unit located in Upahl, Germany. While the issue is specific to this site, Arla expects it will result in product delivery delays or even cancellations.
Arla Foods is actively working to address the disruption. They stated they have been “working diligently to restore full operations” at the affected site. The company anticipates returning to normal operations at the Upahl facility within the next few days. Importantly, production at other Arla sites has not been affected.
The company has already informed affected customers about potential delays and cancellations. While asked if the attack involved data theft or encryption, common elements of ransomware attacks, Arla declined to provide additional details at this time. As of the reporting, there have been no announcements regarding Arla on ransomware extortion portals, leaving the specific type of attack and the perpetrators unknown.
Despite this specific disruption, the sources indicate Arla is active in other areas, with recent news covering topics such as their strong financial performance in 2024 and robust first half results, intentions to merge with DMK Group, investments in UHT milk production in the UK, approval of a significant supplementary payment to farmer owners, sustainability efforts like regenerative dairy farming and farmers powering the company, and issuing green bonds. They have also recently launched a new five-year strategy focused on sustainability, digitalization, and investments.
The focus remains on the recovery of operations at the Upahl, Germany site following the confirmed cyberattack.
