• 2 min read
Coca-Cola halts fairlife production after ransomware attack
Coca-Cola suspended fairlife’s US dairy production after a ransomware attack. Canadian facilities remain unaffected, with losses not yet disclosed.

Image: TechRadar
Coca-Cola has temporarily suspended production at fairlife’s US facilities after the dairy subsidiary identified unauthorized access to production-related systems during a ransomware event. Fairlife’s Canadian operations remain unaffected, and the company said product quality and safety have not been impacted.
The disclosure came in an 8-K filing with the US Securities and Exchange Commission. Coca-Cola said the incident was identified on July 16, 2026, prompting its incident-response and business-continuity protocols. The company has brought in third-party cybersecurity experts, notified relevant authorities and is investigating the damage.
Fairlife ransomware attack could raise financial impact
Coca-Cola said it is working to restore the affected systems, but has not yet determined whether the incident is reasonably likely to materially affect the company. It has not quantified any losses.

Recommended reading
Gemini bug bypasses Android lock-screen PIN
Joseph Perry, cybersecurity researcher and Advanced Services Lead at Arcova, said the disruption could become financially significant because of fairlife’s importance within Coca-Cola’s portfolio. Coca-Cola generated nearly $48 billion in net revenue last year and made a $6.1 billion contingent payment tied to its acquisition of fairlife.
“With production suspended across fairlife’s US facilities, every hour can compound the financial impact through lost output, delayed shipments, recovery costs, inventory exposure and potential disruption for retailers. Coca-Cola has not yet quantified the loss, but the longer production remains offline, the more quickly a cyber incident becomes a material business event.”
The incident was reported via BleepingComputer. The duration of the production shutdown, the scope of the unauthorized access and whether data was stolen have not been disclosed.
Security Editor
Sophia unpacks the invisible wars happening on our networks. Covering cybersecurity, privacy legislation, and cryptography, she exposes how our data is weaponized and defended. Before joining for(geeks), she spent years as a penetration tester. She's the reason the rest of the team uses physical security keys.
via TechRadar


