Dole said the personal data of 3,885 U.S. employees was breached in a February ransomware attack, according to a filing on Tuesday with the Maine Attorney General.
The attack briefly forced the shutdown of the company’s North American operations and cost the fresh produce giant about $10.5 million during the first quarter.
Dole said the hackers accessed the names, addresses, driver’s license numbers, passport numbers, dates of birth, phone numbers and other employment information, according to the filing.
Dole notified law enforcement and hired leading cybersecurity firms to help investigate the attack.
Dole previously disclosed the attack impacted half of the legacy company’s servers and one-quarter of its end user computers, the company said in regulatory filings with the Securities and Exchange Commission. All of the impacted servers and computers have been restored or rebuilt since then.
Dole CEO Rory Byrne, in a conference call with analysts, previously warned the company would not be able to fully recover the financial impact through insurance, saying the ability to obtain adequate coverage in North America was difficult.
The attack led to more significant disruption to the company’s Chilean and fresh vegetables business.
Dole previously merged with Total Produce in 2021 to form Dublin-based Dole plc. The U.S. subsidiary is based in Charlotte, N.C.
The company has been working with the outside firms to rescue and restore data and is taking steps to upgrade its data security and prevent such an attack from happening in the future.
Dole said it has no reason to believe the information has been misused or will be in the future, in the disclosure letter. The company has been monitoring the dark web for any signs of data misuse.
However, Dole is offering the impacted employees one year of free credit monitoring from Equifax. The company also warned workers to avoid clicking attachments from suspicious emails or responding to unsolicited requests for personal information.
A spokesperson for Dole was not immediately available for comment.