Ransomware cyber

Ferrara Candy

Jan 12, 2026 1 min read
Ferrara Candy

Ferrara Candy, the manufacturer of popular confectionery brands like Nerds, Laffy Taffy, and SweetTarts, suffered a ransomware attack on October 9, just weeks before Halloween a peak sales period. The attack disrupted production across its manufacturing facilities, leading to operational halts and a backlog of unfulfilled orders. While the company has since resumed operations, the incident caused temporary delays in supply chains, though Ferrara claims no significant consumer impact is expected.The attackers' identity, ransom amount, and whether payment was made remain undisclosed. The timing of the attack targeting a critical seasonal period suggests a deliberate strategy to maximize pressure on the victim. Ransomware groups often exploit such high-stakes moments to coerce swift payments, leveraging the urgency of business continuity. Ferrara’s recovery efforts are ongoing, but the incident highlights vulnerabilities in industrial sectors reliant on just-in-time production, particularly during demand surges.

Source: https://www.acronis.com/en/tru/posts/candy-giant-ferrara-hit-by-ransomware-impacting-production/

TPRM report: https://www.rankiteo.com/company/ferrara-

"id": "fer0863508090625",
"linkid": "ferrara-",
"type": "Ransomware",
"date": "9/2025",
"severity": "75",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'industry': 'consumer goods (confectionery)',
                        'location': 'United States',
                        'name': 'Ferrara Candy Company',
                        'type': 'private'}],
 'customer_advisories': ['no significant consumer impact expected'],
 'date_detected': '2023-10-09',
 'description': 'Ferrara Candy, the manufacturer of popular candies like '
                'Nerds, Laffy Taffy, and SweetTarts, was struck by a '
                'ransomware attack on October 9. The attack disrupted '
                'production in their manufacturing facilities, causing a '
                'backlog of orders. The company has since resumed operations '
                'and does not anticipate a significant consumer impact. The '
                'ransom amount, payment status, and the responsible threat '
                'actor remain undisclosed.',
 'impact': {'downtime': True,
            'operational_impact': ['production halt', 'order backlog'],
            'systems_affected': ['manufacturing facilities']},
 'initial_access_broker': {'high_value_targets': ['manufacturing systems']},
 'investigation_status': 'ongoing (ransom details and threat actor '
                         'undisclosed)',
 'motivation': ['financial gain',
                'operational disruption (timed to maximize pressure during '
                'peak season)'],
 'ransomware': {'data_encryption': True},
 'references': [{'source': 'Acronis Cyber Protect (via article excerpt)'}],
 'response': {'incident_response_plan_activated': True,
              'recovery_measures': ['addressing order backlog'],
              'remediation_measures': ['resumed production operations']},
 'title': 'Ransomware Attack on Ferrara Candy Company',
 'type': 'ransomware'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.