Sat | Feb 4, 2023

Campari data breach slows local operations

Published:Sunday | December 27, 2020 | 12:05 AMSteven Jackson - Senior Business Reporter
CEO of the Campari Group, Bob Kunze-Concewitz.
CEO of the Campari Group, Bob Kunze-Concewitz.

Rum maker J. Wray & Nephew (JWN) is reporting that while it was forced to revert to some manual procedures following a global malware breach affecting group operations at its Italian parent Campari, business continuity procedures were activated to keep business functions intact.

“The hack did not negatively affect sales. If anything, it resulted in the team working longer,” JWN spokesperson Tanikie McClarthy Allen said this week.

The local company produces the flagship Wray & Nephew rum and Appleton Estate premium rums, among Campari’s extensive portfolio of brands.

The hack of one of the largest global spirits makers and distributors comes at a time when other databases around the world are being attacked with increased frequency as staff work remotely, which extends the boundary of corporate networks, making them more susceptible to attacks.

McClarthy Allen, JWN’s director of public affairs and sustainability, said that the company has had to revert to manual processes to fulfil orders and continue business operations. The company returned to operating via its network in late November.

Across the global Campari network, some peripheral or secondary services remain temporarily suspended; some deliberately for security reasons. Taking those network services offline has reduced functionality, the group reported earlier this month.

Campari spokesman Enrico Bocedi, while acknowledging the breach, referred The Sunday Gleaner to the organisation’s previous statements on the matter. The group indicated in its latest filings this month that the breach led to thousands of data points being potentially seen, copied or utilised by hackers.

“As there is an ongoing investigation in place, it is possible that new facts may come to light going forward,” a statement by Campari said.

In December, the company reported that the breach potentially impacted a database of about 6,000 employees, consultants and former workers. It also affected more than 10,000 customers – active and inactive – suppliers and business partners. In a notice posted to its website, Campari said the incident could have also affected stakeholders, including journalists.

The data affected includes contracts, email, telephone numbers, identification information and other personal data. It also affected accounting data mainly relating to the company’s US subsidiary, Campari America. Banking data, including credit card information, was not involved in the breach, Campari advised.

It encouraged suppliers or stakeholders who are concerned about breaches to “not respond to suspicious requests or messages, especially in relation to payments – such as change of payment details, or request for password or bank account information,” stated Campari. It also suggested that concerned persons should not open any link unless its coming from reliable sources.

The hack, discovered in November by Campari in Europe, led to a series of investigations. These investigations are ongoing to determine if the cyberthieves accessed top-tier company information relating to “confidential business documents and information such as contracts, analysis, presentations, accounting”, according to Campari.

Campari Group’s net sales totalled €1.28 billion over nine months to September 2020, with Jamaica accounting for 4.8 per cent of total sales. Sales for the group fell 1.2 per cent year-on-year, while its profit after tax fell 22 per cent to €190 million. Management attributed the decline to the impact of the COVID-19 pandemic on the global economy.

“Unfortunately, COVID-19 has negatively impacted sales, but that is to be expected,” McClarthy Allen told The Sunday Gleaner.