Food service provider Edward Don has suffered a ransomware attack that has caused the company to shut down parts of the network to prevent the spread of the attack.
Edward Don and Company is one of the largest distributors of food service equipment and supplies such as kitchen supplies, bar supplies, silverware and tableware.
Today, Bleeping Computer learned that Edward Don suffered a ransomware attack earlier this week that disrupted his business operations, including his phone systems, network, and email.
The email disruption has caused employees to use Gmail accounts to communicate with customers regarding rush orders or fulfillment issues.
Edward Don has not publicly disclosed the attack at this time, but employees have stated that they cannot accept new orders until the systems are back online.
As Edward Don is one of the leading distributors of foodservice supplies, this attack will cause a significant disruption in the supply chain for hospitals, restaurants, hotels and bars.
Bleeping Computer has tried to contact Edward Don but has received no response.
If you have first-hand information about the Edward Don attack or other unreported cyberattacks, you can contact us confidentially on Signal at +16469613731 or on Wire at @ lawrenceabrams-bc.
Qbot Trojan seen on the Edward Don network
At this time, it is unclear which ransomware operation carried out the attack.
However, Advanced Intel CEO Vitali Kremez has told Bleeping Computer that the company may have been infected by the Qbot malware due to its adverse visibility.
Qbot has been known to partner with ransomware operations to provide them with remote access to infected networks. Ransomware gangs use this remote access to spread laterally across a network, steal data, and ultimately deploy ransomware to encrypt devices.
In the past, the ProLock and Egregor ransomware gangs have partnered with Qbot. Since its closure, the REvil ransomware gang has been using the botnet.
Ransomware has caused significant disruption to critical infrastructure and the supply chain over the past two months, with recent attacks on the Colonial Pipeline and food producer JBS.
Colonial Pipeline paid a $ 4.4 million ransom to Operation DarkSide, and JBS paid REvil $ 11 million after its attacks.