Apetito has confirmed that it has been a victim of a sophisticated criminal cyber-attack that took place on Saturday 26/6/2022, which breached its extensive security systems and impacted on the company’s IT systems and on its ability to operate in the short term.
The company has reported the attack and is working closely with the relevant law enforcement and data protection bodies.
Apetito provides meals for Meals on Wheels as well as care homes, nurseries, hospitals, independent schools, local authorities and charities.
The company is currently experiencing severe difficulties with its computer systems and has called the attack an 'international criminal cyber attack'. Wiltshire Farm Foods said that it was confident that no credit or debit card details have been stolen as they are not held on its systems.
However, the attack has now led to a disruption in deliveries and it was also unable to contact customers personally as it did not have access to their telephone numbers.
Paul Freeston, chair and chief executive at Apetito UK & North America said that its crisis management team was meeting 'multiple times' each day to review progress, direct resources and respond to emerging issues.
He also revealed that Apetito has managed to get a significant but restricted production programme running and aims for this to continue for the remainder of this week. He added that Wiltshire Farm Foods had managed to fulfil a limited number of local deliveries across the national network from a manual work-around system. Wiltshire Farm Foods said that where it is able to take orders it is only offering deliveries from Monday 4th July.
Freeston said: “Our Crisis Management and IT teams (assisted by specialist external partners) are working all hours to bring critical systems back into operation as soon as possible. However, we expect significant disruption in the coming days while we address these issues.
“We appreciate that this situation will cause substantial inconvenience for our customers. We are doing everything we can to resolve the situation and will have a clearer understanding of timescales involved as our recovery work progresses.
“We are seeking to establish whether any identifiable information (PII) has been compromised. We will make any required communications to customers and with the Information Commissioner’s Office (ICO). We are confident that credit/debit card data has not been compromised as we do not hold this on our systems.
“Meanwhile, we are taking every possible action to restore our service and would like to extend our sincere apologies to all our customers for the uncertainty and severe inconvenience this situation is causing them”.
Richard Walters, chief technical officer at British cybersecurity firm Censornet, said:“Thousands of people relying on meals on wheels will miss out this week.
“Cyber threats are among the most significant, frequent, and persistent dangers to business continuity. And, it’s not just large multinationals in the firing line.
“Two in three (65%) mid-market organisations suffered an outage in 2021, with half (33%) seeing systems knocked offline for more than a day. All organisations, no matter what their size, need enterprise-grade security to protect them.”
In December 2021 Freeston was elected Food and Drink Federation President 2022 in succession to Jon Woods, general manager of Coca Cola Great Britain and Ireland.