The Coca-Cola Company has suspended U.S. production at its Fairlife dairy subsidiary after disclosing a ransomware attack that hit the unit's production-related systems, a rare cyber incident to strike a Fortune 100 consumer packaged-goods company hard enough to visibly halt manufacturing.
What Coca-Cola disclosed
In an SEC filing, Coca-Cola said Fairlife identified unauthorized third-party access to a portion of its systems "in connection with a ransomware event" on July 16 and immediately activated incident response and business-continuity plans. U.S. production at Fairlife plants is "temporarily suspended" for the foreseeable future while the company works with outside advisors and cybersecurity experts to assess scope. Operations in Canada are unaffected, and Coca-Cola said product quality and safety have not been impacted.
Why Fairlife matters to Coca-Cola
Fairlife is not a side bet: its ultra-filtered milk products — sold under the Fairlife, Core Power and YUP! brands — helped ignite the modern high-protein craze that accelerated alongside GLP-1 weight-loss drugs, and are estimated to have generated roughly $4 billion in sales by 2024, ranking Fairlife among Coca-Cola's billion-dollar brands. Any multi-week outage at U.S. plants would ripple into grocery shelves quickly.
Pattern of manufacturing-line ransomware
The Fairlife shutdown fits a growing pattern of ransomware attacks on food and beverage manufacturing lines. Arizona Beverages saw production disrupted for weeks in 2019, and U.S. food distributor UNFI reported empty shelves and lost sales after a 2025 attack. Coca-Cola has not yet said whether any data was stolen, whether extortion is being negotiated, or which ransomware crew is responsible; no group has claimed the attack.
The incident lands during an unusually busy week for enterprise cyber intrusions covered by The Robotics Media — including the Ernst & Young data breach, the WP2Shell WordPress pre-auth RCE, and Oak's $60M seed to build an AI identity operating system.
Reporting based on coverage from TechCrunch, BleepingComputer, SecurityWeek, Cybersecurity Dive and Coca-Cola's SEC disclosure.
