In a developing update on the Clorox Cyberattack, which commenced back in August, the lingering repercussions of the incident continue to unfold.
The Clorox Data breach Update delves into the potential losses incurred in the wake of this attack, believed to be orchestrated by the infamous hacking collective known as “Scattered Spider.”
Clorox has disclosed that the cyberattack had substantial consequences on its sales and profits for the quarter concluding in September, with enduring effects on the company’s operational landscape.
Who are the Scattered Spiders?
Scattered Spider group has previously targeted major casino companies. They deploy social engineering tactics to breach security measures.
Scattered Spider hackers specialize in infiltrating call centers and IT help desks by impersonating employees, thus deceiving support staff and acquiring sensitive information that grants them access to accounts.
At MGM properties, these attacks resulted in disruptions, including the inability to charge purchases to rooms, the shutdown of slot machines, and the unavailability of reservation websites. However, the impact on Clorox has been arguably more severe.
Clorox Data Breach Update
Clorox disclosed that the cyberattack is projected to cause a drop in fiscal first-quarter net sales of up to 28% compared to the previous year, with organic sales expected to decrease by as much as 26%. Previously, Clorox had anticipated mid-single-digit growth in organic sales.
Additionally, the company now anticipates a decrease in gross margin compared to the previous year, whereas it had previously expected an increase. Analysts had estimated a profit of $1.37 a share before the cyberattack was disclosed, but now Clorox predicts an adjusted loss of up to 40 cents a share.
The company has acknowledged that it will continue to experience operational disruptions in the second quarter, although these are expected to lessen as the company works toward returning to normal operations. Clorox is presently evaluating the long-term impact of the cyberattack on fiscal year 2024 and beyond.
As of September 29, Clorox was still in the process of recovering from the attack, with efforts focused on ramping up production and replenishing trade inventories.
While production is gradually returning to normal, the company has not provided an estimate for when full operational recovery will be achieved.
Meanwhile, Clorox is at risk of losing market share to competitors as its products, including cat litter, Hidden Valley salad dressing, and Pine-Sol, face shortages on US retailers’ shelves. Since announcing the breach, Clorox’s shares have declined by approximately 17%.
Investigation Underway
Despite these significant developments, it is unclear whether ransomware was employed by the hackers, or whether social engineering tactics were used to infiltrate Clorox’s network. The company is actively collaborating with the FBI to investigate the incident.
Scattered Spider is known to have connections with a ransomware gang named ALPHV, who typically demand payment in exchange for a decryption key to unlock victim files.
Scattered Spider is believed to consist of five to six core members, aged between 19 and 25, operating in the US and UK. The FBI is actively investigating the group’s activities.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
