story

Cyberattack Strikes Clorox, Disrupting Operations

    Cyberattack Strikes Clorox, Disrupting Operations
    Last updated Sep 18, 2023
    Image credit: Wikimedia Commons

    Facts

    • Some Clorox products are now in short supply after an August cyberattack caused large-scale disruption in the company's production.
    • The company, [headquartered in Oakland, Calif.], produces cleaning products like Clorox bleach and Pine-Sol and said that it doesn't have a firm estimate for when it will be able to fully resume operations.
    • In a US Securities and Exchange Commission filing, Clorox said that on Aug. 14, it had "identified unauthorized activity on some of its information technology systems," and has since initiated "manual ordering and processing procedures" and reduced its production in order to address the situation.
    • While the company now believes that the attack has been contained, it has been unable to get its manufacturing operations back up to full speed. Orders are being processed and fulfilled manually and it may not be until next week that these processes return to normal.
    • Clorox said that the cyberattack and subsequent delays will hurt its current-quarter material financial results, but has hesitated on determining any longer-term impact, saying that doing so would be premature given their ongoing cyber recovery efforts.
    • This shortage also comes as the US Centers for Disease Control and Prevention (CDC) has projected a potential uptick in the flu, COVID, and the RSV virus this fall.

    Spin

    Narrative A

    Companies often fail to disclose cyber attacks when they happen or hide the full extent of damages in fear of startling current or potential customers, damaging their stock value, or incurring legal challenges. It's important that organizations urgently share when they have been the victim of a complex cyberattack in order to raise public awareness of the impacts. This Chlorox shortage — while not at the scale of 2020 COVID-era shortages — is an example of how disruptions can potentially impact daily life.

    Narrative B

    While companies in general need to be transparent about their cyber processes and infrastructure, simple human error is to blame for 82% of cyber consequences. Employees are often the people who accidentally expose sensitive information that enables cyber criminals to access a company's systems. Despite the complex impacts on supply chains, simple training of real people on what to click and what to avoid can greatly reduce this issue.

    Nerd narrative

    There's a 97% chance that an AI system will be reported to have independently gained unauthorized access to another computer system before 2033, according to the Metaculus prediction community.


    Articles on this story

    Sign up to our newsletter!