A notorious hacking group, responsible for recent breaches at major casino companies, is also suspected of orchestrating a recent cyberattack against Clorox Co. that has resulted in a nationwide shortage of its cleaning products. According to four undisclosed sources, officials believe that “Scattered Spider” is behind the breach that Clorox initially revealed in August.
This same group, known for its social engineering tactics, has been linked to attacks on Caesars Entertainment Inc. and MGM Resorts International in recent weeks, as previously reported by Bloomberg News. Clorox confirmed on Wednesday that the attack has significantly impacted its sales and profits for the quarter ending in September and continues to disrupt its operations.
Guests were unable to charge purchases to their rooms
Scattered Spider hackers specialize in targeting call centers and IT help desks, posing as employees to deceive support staff into revealing information that allows them to access accounts. The consequences of their recent attacks have been far-reaching. At MGM properties, guests were unable to charge purchases to their rooms, slot machines were offline, and reservation websites were inoperative. However, the impact on Clorox appears to be even more severe. The company has not responded to requests for comment.
Nonetheless, in a statement released on Wednesday, Clorox stated that its fiscal first-quarter net sales are expected to decline by up to 28% from the previous year due to the cyberattack, with organic sales (excluding currency fluctuations, acquisitions, and divestitures) expected to fall by as much as 26%. Previously, the company had projected mid-single-digit growth in organic sales. Additionally, Clorox anticipates a decrease in gross margin compared to the same quarter last year, contrary to its previous expectations of an increase.
Clorox now predicts an adjusted loss of up to 40 cents per share, with the cybersecurity attack outweighing the benefits of pricing, cost savings, and supply-chain improvements. Prior to the announcement of the cyberattack, analysts had expected a profit of $1.37 per share on average.
Increasing production and replenishing trade inventories
The company’s statement mentions that it expects ongoing but diminishing operational impacts in the second quarter as it progresses toward normalizing operations. Clorox is currently evaluating the long-term impact of the cyberattack on fiscal year 2024 and beyond. As of September 29, Clorox indicated that it was still working to recover from the disruption, stating, “We are increasing production and replenishing trade inventories, with a focus on maximizing shipments.”
It’s worth noting that the cyberattack occurred during a period when Clorox was undergoing internal restructuring and seeking a path forward following a significant decline in disinfectant sales as the pandemic waned. The attack affected all of Clorox’s facilities in the United States, with some factories halting production while employees shifted their focus to cleaning, maintenance, and training.