Ganong Bros.

Ganong Bros., Canada’s oldest family-owned chocolate manufacturer (est. 1873), fell victim to a ransomware attack on February 22, 2025, crippling its St. Stephen production plant. The attack encrypted critical servers, halted automated mixing/wrapping machines, and severed access to order databases and emails. Despite mechanically functional equipment, the lack of digital controls forced a complete production shutdown, reverting operations to 19th-century manual processes. The incident disrupted spring order fulfillment, threatened financial losses from halted sales, and risked long-term reputational damage to the 150-year-old brand. The attack’s timing during limited weekend shifts exacerbated delays in response, while the ransom note indicated data encryption with potential demands for payment. Recovery efforts faced hurdles due to the stealthy spread of malware, which had already compromised multiple systems before detection. The incident underscored the vulnerability of legacy industrial systems to modern cyber threats, jeopardizing both operational continuity and customer trust.

Source: https://www.csoonline.com/article/4038381/caught-in-the-cyber-crosshairs-a-candy-manufacturers-2025-ransomware-ordeal.html

TPRM report: https://www.rankiteo.com/company/ganong-bros.-limited

"id": "gan846081625",
"linkid": "ganong-bros.-limited",
"type": "Ransomware",
"date": "2/2025",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization’s existence"

{'affected_entities': [{'industry': 'Food Manufacturing '
                                    '(Chocolate/Confectionery)',
                        'location': 'St. Stephen, New Brunswick, Canada',
                        'name': 'Ganong Bros.',
                        'type': 'Private Company'}],
 'data_breach': {'data_encryption': ['Critical servers', 'Production systems']},
 'date_detected': '2025-02-22',
 'description': 'On February 22, 2025, Ganong Bros., Canada’s oldest '
                'family-owned chocolate manufacturer, suffered a ransomware '
                'attack that encrypted critical servers and disrupted '
                'production at its St. Stephen plant in New Brunswick. The '
                'attack began stealthily before discovery, crippling digital '
                'controls for automated mixing/wrapping machines, order '
                'databases, and email systems. Operations halted as the '
                'factory lost access to production schedules and digital '
                'infrastructure, effectively reverting to 19th-century manual '
                'processes. The incident was detected during a limited-shift '
                'Saturday operation while preparing spring orders.',
 'impact': {'operational_impact': ['Complete halt of production',
                                   'Loss of digital controls for machinery',
                                   'Inability to access order database or '
                                   'emails',
                                   'Reversion to manual processes'],
            'systems_affected': ['Critical servers (encrypted)',
                                 'Automated mixing machines (digital controls)',
                                 'Wrapping machines (digital controls)',
                                 'Order database',
                                 'Email systems',
                                 'Production schedules']},
 'initial_access_broker': {'high_value_targets': ['Production systems',
                                                  'Order database']},
 'investigation_status': 'Ongoing (as of description date)',
 'ransomware': {'data_encryption': ['Servers',
                                    'Digital controls for machinery',
                                    'Order database']},
 'title': 'Ransomware Attack on Ganong Bros. Chocolate Factory',
 'type': ['Ransomware', 'Cyberattack', 'Operational Disruption']}