Pepsi Bottling Ventures (PBV) recently revealed that a threat actor gained access to its systems for 27 days before its security team uncovered the breach.

About the attack

According to Bleeping Computer, PBV’s IT systems were infiltrated on December 23, 2022, and were infected with malware, allowing the attacker to steal private employee information. In PBV’s internal security notice, the company claims that it took immediate action once the threat was detected.

“We took prompt action to contain the incident and secure our systems. While we are continuing to monitor our systems for unauthorized activity, the last known date of unauthorized IT system access was January 19, 2023.”

While the extent of the attack is unknown, PBV is investigating potentially affected records, and has paused the operation of all infected devices.

The depth of the breach

Currently, evidence indicates that the following personal data of some employees has been accessed:

  • Full name
  • Home address
  • Financial account information (including passwords, PINs, and access numbers)
  • State and Federal government-issued ID numbers and driver’s license numbers
  • ID cards
  • Social Security Numbers (SSNs)
  • Passport information
  • Digital signatures
  • Information related to benefits and employment (health insurance claims and medical history)

PBV has reset all company passwords and informed affected employees, as well as law enforcement. They’re also providing a free one-year subscription to an identity monitoring service to help protect employees from identity theft following the incident. The total number of individuals impacted is unknown.