Sysco, the world’s leading food service company, experienced a data breach in 2023 that exposed customer and employee data, leading to a class action lawsuit. The breach resulted in victims spending significant time and money on identity theft and fraud protection, with an increased risk of future fraud. Plaintiffs alleged Sysco’s inadequate cybersecurity measures failed to prevent the incident. While Sysco denied wrongdoing, it agreed to a $2.3 million settlement, offering eligible U.S. residents (who received breach notices in May 2023) up to $5,000 for documented losses, credit monitoring, and residual cash payments. The breach’s consequences included financial burdens, reputational damage, and long-term vulnerability for affected individuals, with claims requiring proof of expenses and a valid class member ID by the September 8, 2025 deadline.

Sysco, the global food distribution giant, suffered from a data breach, that exposed data including customer and employee data. The exposed data includes data relating to the operation of the business, customers, employees, and personal data, reads a 10-Q quarterly report filed with the U.S. SEC. This data extraction has not impacted Sysco’s operational systems and related business functions, and its service to customers continued uninterrupted. Sysco also notified federal law enforcement. The security team at Sysco added further measures as a result of the incident to guard against a similar compromise in the future.

The California Office of the Attorney General reported a data breach involving Sysco Corporation on May 16, 2023. The breach occurred on January 14, 2023, where unauthorized access to systems potentially exposed personal information of current and former colleagues, including names and social security numbers.