WK Kellogg Co., a U.S. food company, announced a data breach after cyber attackers targeted Cleo software. Cleo is used to transfer files securely, but hackers exploited two security flaws to steal data. These flaws, known as CVE-2024-50623 and CVE-2024-55956, allowed hackers to breach servers.
Kellogg learned about the data breach on February 27, 2025. The company started investigating right away. They contacted Cleo, and Cleo confirmed that an unauthorized person accessed the servers on December 7, 2024. These servers were used to transfer employee files to HR vendors.
About WK Kellogg Co.
WK Kellogg Co. is a U.S. food company that split from Kellogg’s in October 2023. The company makes popular cereals like Froot Loops, Corn Flakes, and Frosted Flakes. They have an annual revenue of $2.7 billion.
Although the company didn’t mention the Clop ransomware gang directly, the attack coincided with a wave of similar attacks in December 2024. The gang later listed WK Kellogg on their data leak website.
What Data Was Exposed?
The exposed data included names and social security numbers. To help those affected, WK Kellogg offered free identity monitoring and fraud protection for one year through a service called Kroll. They also advised impacted individuals to place fraud alerts or a security freeze on their credit.
Kellogg worked closely with Cleo to understand what went wrong. Cleo has since strengthened its security to prevent similar issues.
More Companies Affected by Cleo Attack
The Clop ransomware gang recently targeted WK Kellogg in the Cleo zero-day attacks. The gang continues to reveal more victims and stolen data months after the attack. On March 18, 2025, Western Alliance Bank informed Approx. 22,000 customers that hackers stole their personal data in an October 2024 data breach involving Cleo.
This case highlights the importance of strong cybersecurity and the risks of relying on third-party software for sensitive data transfers.
Also read : TikTok’s Parent Company Faces Huge Fine for Sending European User Data to China
