A cyberattack on one of the country’s biggest milk brands has forced the dairy to suspend operations while it sorts through the chaos.
Coca-Cola, which owns Fairlife, disclosed on Thursday that the dairy’s systems “identified unauthorized access by a third party” to some of its internal systems, including systems that control production. The company described the hack as a ransomware event, indicating the hackers sought to lock up parts of its operations to demand a payment.
Fairlife’s milk products are one of the fastest-growing brands in dairy, driven by consumer interest in high-protein drinks. The brand’s line of milk and chocolate milk advertise an “ultra-filtration” process that uses special filters to concentrate protein and calcium content while filtering most sugar out.
Coca-Cola didn’t disclose the timing of the cyberattack, though notes that law enforcement and external cybersecurity experts have been looped into the situation. Fairlife’s parent company says that the safety and quality of its products haven’t been affected by the breach, which is currently grinding its production operation to a halt.
“… As a result of the incident, production operations at fairlife in the United States are temporarily suspended,” Coca-Cola said in a statement disclosing the attack, adding that its operations in Canada weren’t affected. “The company is working diligently to complete the investigation and restore the systems and impacted operations.”
Coca-Cola paid around $7 billion for its big bet on milk in 2020, and so far the bet is paying off. By 2022, Fairlife was selling more than $1 billion in premium-priced protein-rich milk drinks—and the high-protein trend has only picked up momentum since. By diversifying its soda empire with alternatives marketed for their health perks, Coca-Cola hopes to hedge its bets if soda and sugary drinks continue to fall out of favor with policymakers and wellness-minded consumers.
Fairlife is the latest ransomware target, but it isn’t alone. Ransomware attacks were up by 20% in the first half of 2026, reaching a new baseline of 2,500 incidents per quarter, according to a recent cybersecurity report from NordStellar. Two prominent ransomware-as-a-service groups are driving many of the attacks, breaching systems in industries like healthcare and government to squeeze their marks with AI-powered campaigns.