Ferrara Candy, the manufacturer of popular confectionery brands like Nerds, Laffy Taffy, and SweetTarts, suffered a ransomware attack on October 9, just weeks before Halloween—a peak sales period. The attack disrupted production across its manufacturing facilities, leading to operational halts and a backlog of unfulfilled orders. While the company has since resumed operations, the incident caused temporary delays in supply chains, though Ferrara claims no significant consumer impact is expected.The attackers' identity, ransom amount, and whether payment was made remain undisclosed. The timing of the attack—targeting a critical seasonal period—suggests a deliberate strategy to maximize pressure on the victim. Ransomware groups often exploit such high-stakes moments to coerce swift payments, leveraging the urgency of business continuity. Ferrara’s recovery efforts are ongoing, but the incident highlights vulnerabilities in industrial sectors reliant on just-in-time production, particularly during demand surges.

The Maine Office of the Attorney General reported that Ferrara Candy Company experienced a data breach involving unauthorized access to its network between October 2, 2021 and October 9, 2021, affecting 8,359 individuals in total, including one Maine resident. The compromised information included names and Social Security numbers. Notification to impacted individuals was provided in writing on April 29, 2022, and identity theft protection services were offered for twelve months through Equifax.