Cyberattack Strikes Clorox, Disrupting Operations
Some Clorox products are now in short supply after an August cyberattack caused large-scale disruption in the company's production....
Facts
- Some Clorox products are now in short supply after an August cyberattack caused large-scale disruption in the company's production.1
- The company, [headquartered in Oakland, Calif.], produces cleaning products like Clorox bleach and Pine-Sol and said that it doesn't have a firm estimate for when it will be able to fully resume operations.2
- In a US Securities and Exchange Commission filing, Clorox said that on Aug. 14, it had 'identified unauthorized activity on some of its information technology systems,' and has since initiated 'manual ordering and processing procedures' and reduced its production in order to address the situation.3
- While the company now believes that the attack has been contained, it has been unable to get its manufacturing operations back up to full speed. Orders are being processed and fulfilled manually and it may not be until next week that these processes return to normal.4
- Clorox said that the cyberattack and subsequent delays will hurt its current-quarter material financial results, but has hesitated on determining any longer-term impact, saying that doing so would be premature given their ongoing cyber recovery efforts.5
- This shortage also comes as the US Centers for Disease Control and Prevention (CDC) has projected a potential uptick in the flu, COVID, and the RSV virus this fall.6
Sources: 1Abc12 wjrt, 2CNBC, 3New York Post, 4CBS, 5CNN and 6Fortune.
Narratives
- Narrative A, as provided by CNBC. Companies often fail to disclose cyber attacks when they happen or hide the full extent of damages in fear of startling current or potential customers, damaging their stock value, or incurring legal challenges. It's important that organizations urgently share when they have been the victim of a complex cyberattack in order to raise public awareness of the impacts. This Chlorox shortage — while not at the scale of 2020 COVID-era shortages — is an example of how disruptions can potentially impact daily life.
- Narrative B, as provided by Grc elearning blog. While companies in general need to be transparent about their cyber processes and infrastructure, simple human error is to blame for 82% of cyber consequences. Employees are often the people who accidentally expose sensitive information that enables cyber criminals to access a company's systems. Despite the complex impacts on supply chains, simple training of real people on what to click and what to avoid can greatly reduce this issue.