TOMRA, a renowned global leader in recycling technology, has fallen victim to a sophisticated and expansive cyber attack that has directly impacted certain data systems within the company.
Recognizing the gravity of the TOMRA data breach, the company promptly alerted the relevant authorities and swiftly mobilized both internal and external resources to contain and neutralize the incident.
At the core of TOMRA’s operations lies TOMRA Collection, an integral part of the company responsible for the collection, transportation, and processing of used beverage containers throughout North America.
Additionally, TOMRA Collection facilitates the subsequent brokerage of the processed materials to recyclers, contributing significantly to sustainable waste management practices.
In response to a query about the TOMRA data breach by The Cyber Express, the recycling company said, “On Sunday morning, our IT personnel discovered irregular activity in our data systems, pointing towards an attack from outside.”
“We immediately acted and disconnected many of our systems to contain and mitigate the situation. We do not currently have the full overview of the potential consequences of the cyberattack,” they added.
TOMRA data breach explained
The TOMRA data breach began on the morning of July 16th (CET), compelling TOMRA to immediately halt its progress and minimize potential damages. Acting swiftly, the company disconnected certain systems to contain the attack’s impact.
Consequently, TOMRA acknowledges the possibility of reduced service stability for its valued customers and dedicated employees. Nevertheless, the topmost priority for TOMRA now rests upon expeditiously restoring all systems to full functionality.
Discussing the potential impact on customers and employees in terms of service disruptions, the company said, “This is too early to say, but we do assume that some customers unfortunately might experience unstable services in the days to come.”
With a commitment to transparency, the company pledges to keep all stakeholders informed and updated throughout this TOMRA data breach. It says that once the information is verified, it will promptly share it with the utmost integrity.
Data breaches at recycling companies: An overlooked sector
The TOMRA data breach is not an isolated incident as hackers frequently target recycling companies, although overlooked most of the time.
According to Tenable’s 2019 report, the implementation of OT security has seen immense success and has slowly developed into a C-level concern across industries.
AMCS Group states that the waste and recycling industry is experiencing a significant increase in cyber-attacks. The TOMRA data breach and similar attacks have only become more sophisticated and impactful, posing a growing threat to companies in the sector.
The Covid-19 pandemic has further exacerbated the situation as millions of employees now work remotely, necessitating remote access to corporate networks. Consequently, virtual private networks (VPNs) and remote desktop protocols (RDP) have surged.
Unfortunately, cybercriminals have taken advantage of this trend by exploiting weak password security and VPN vulnerabilities to infiltrate corporate networks, steal data, and deploy ransomware.
Although these attacks may not make national headlines, they represent a genuine and expanding menace, evident in the 150% increase in ransomware attacks over the past year. The majority of these attacks involve email phishing to obtain user credentials and initiate ransomware infections.
Reputational damage is another concern, as a serious data breach or protracted recovery period can tarnish a company’s image among customers, suppliers, investors, and regulators. This can result in financial losses as customers take their business elsewhere, eroding the brand’s value.