In June 2017, Cofco’s operations in Argentina were severely disrupted by the NotPetya wiper virus, a destructive cyber attack originating from a compromised update of the Ukrainian accounting software M.E.Doc. The malware, distributed via a backdoor in M.E.Doc’s update mechanism, spread globally, crippling systems at Cofco and halting critical operations. The attack caused operational interruptions, slowing wheat and fertilizer shipments and threatening soybean exports to China—Argentina’s primary trade partner—during peak export season. Cofco was collateral damage in a broader cyber offensive attributed to Russia’s Sandworm Team (Unit 74455), which initially targeted Ukrainian systems. The incident underscored the cascading risks of supply-chain attacks, where a single compromised vendor (Intellect Service/M.E.Doc) enabled widespread disruption across unrelated industries, including agriculture and logistics. The financial and reputational fallout was compounded by the timing, as delays in shipments risked contractual penalties and strained relationships with key buyers like China. The attack also exposed vulnerabilities in third-party software dependencies, forcing Cofco to grapple with recovery while global cybersecurity firms, including Talos, investigated the breach’s origins in Ukraine.