CC A.I CyberSecurity Scoring
CC
Company Information
Website:http://www.coca-colacompany.com
Employees number:53,568
Number of followers:8,666,822
NAICS:722
Industry Type:Food and Beverage Services
Homepage:coca-colacompany.com
CC Risk Score (AI oriented)
Between 750 and 799
CCFood and Beverage Services
Updated:
16/07/2026
16/07/2026
778/1000
Fair
Baa
CC Global Score (TPRM)
xxxx
CCFood and Beverage Services
Score locked

CCFair
Current Score
778Baa (FAIR)
01000
5 incidents
-24 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
819
Ransomware
16 Jul 2026 • CC
The Coca-Cola Company and Fairlife: Coca-Cola says Fairlife ransomware attack halts US dairy production
Coca-Cola’s Fairlife Subsidiary Hit by Ransomware Attack, Disrupting U.S. Production
778
CRITICAL-41
FAITHE1784240634
Coca-Cola’s Fairlife Subsidiary Hit by Ransomware Attack, Disrupting U.S. Production
The Coca-Cola Company revealed today that its Fairlife dairy subsidiary suffered a ransomware attack, leading to temporary production halts across U.S. facilities. The incident was disclosed in an SEC Form 8-K filing, where Coca-Cola stated that Fairlife detected unauthorized access to its systems, including production-related infrastructure.
Upon discovery, the company activated incident response and business continuity protocols, engaging external cybersecurity experts and notifying law enforcement. While the investigation remains ongoing, Coca-Cola confirmed that product quality and safety have not been compromised. However, production at Fairlife’s U.S. sites has been suspended as systems are restored, with Canadian operations unaffected.
Fairlife, a Coca-Cola-owned brand specializing in ultra-filtered milk, protein shakes, and nutrition drinks, distributes products like Core Power and Fairlife Ultra-Filtered Milk nationwide. The company has not disclosed whether data was exfiltrated, if a ransom demand was made, or which ransomware group is responsible. No threat actor has claimed the attack, though if data was stolen, extortion attempts may follow.
Coca-Cola is working to resume operations but has not yet determined whether the incident will have a material financial impact. The company declined to provide further details beyond its public statement.
INCIDENT DETAILS -
TYPE
IMPACT
REFERENCES
JUNE 2026
818
MAY 2026
818
APRIL 2026
817
MARCH 2026
817
FEBRUARY 2026
823
Cyber Attack
01 Feb 2026 • CC
Adobe, Netflix, Coca-Cola, OpenAI, PepsiCo, Adidas, FIFA and Delta: Phishing poses as big-brand job interview to steal Google accounts
Phishing Campaign Targets Marketing Professionals with Fake Job Offers from Major Brands
816
CRITICAL-7
PEPDELADOFIFTHEADINETOPE1783376814
Phishing Campaign Targets Marketing Professionals with Fake Job Offers from Major Brands
A sophisticated phishing campaign is impersonating over 30 high-profile brands including Adobe, Netflix, Coca-Cola, and OpenAI to steal Google account credentials from marketing professionals under the guise of fake job interviews. The operation leverages legitimate cloud-based platforms, including PeopleForce (an HR service) and Salesforce Marketing Cloud, to lend credibility to its attacks before redirecting victims to malicious landing pages.
The threat actor enhances trust by using real recruiters’ names and photos from the impersonated companies. Researcher Will Thomas of Team Cymru identified at least 34 domains mimicking brands across multiple sectors, such as airlines (American Airlines, Delta), food and beverage (Coca-Cola, PepsiCo), tech (Adobe, OpenAI), and entertainment (Netflix, FIFA).
The campaign employs nested redirects, routing victims through multiple legitimate services before reaching the phishing page. For example, links in phishing emails initially resolve to exct[.]net (a Salesforce-operated domain) before redirecting to Wise Agent, a real estate CRM, and finally to the fraudulent site. The operation has been active for at least five months, initially using Outlook email addresses branded with the impersonated companies’ names.
One phishing email, posing as an Adidas recruiter, invited recipients to schedule a meeting via a link that led to adidas-hiring[.]com. Victims were prompted to sign in with their Google accounts, triggering a fake Google authentication popup a browser-in-the-browser (BitB) technique that mimics a legitimate login window using HTML and CSS.
While the exact method of access to the legitimate platforms remains unclear, the abuse does not indicate a compromise of PeopleForce or Salesforce. The attacker may have created genuine accounts or used stolen credentials to configure the redirect chain. A full list of the malicious domains is available in Thomas’ GitHub analysis.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
JANUARY 2026
823
DECEMBER 2025
822
NOVEMBER 2025
821
OCTOBER 2025
821
SEPTEMBER 2025
821
AUGUST 2025
820
APRIL 2022
824
Breach
01 Apr 2022 • CC
The Coca-Cola Company
Data Breach Incident at Coca-Cola Co
799
CRITICAL-25
THE182330422
Coca-Cola Co was targeted by the Stormous group in a data breach incident recently in April 2022.
Stormous group accessed a tranche of Coca-Cola’s confidential data and offered it for $64,000 in bitcoin.
The attack was initiated by the Russian group after the firm decided to pull out of Russia amid war situation.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
MAY 2018
829
Breach
01 May 2018 • CC
The Coca-Cola Company
Data Breach Incident at Coca-Cola
803
CRITICAL-26
THE2144722
The Coca-Cola Company faced a data breach incident.
A former employee was found in possession of worker data on a personal hard drive.
A former employee at a Coca-Cola subsidiary was found in possession of an external hard drive containing information that appeared to have been misappropriated from Coca-Cola.
Coca-Cola worked with law enforcement to investigate the data's origin and validity and determined that some documents contained the personal information of some of its workers.
Data breach notices are issued to about 8,000 individuals whose personal information was
The type of stolen and exposed data varies per employee.
Coca-Cola is offering free identity monitoring for one year to affected employees through a third-party provider.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
DECEMBER 2013
846
Breach
10 Dec 2013 • CC
The Coca-Cola Company
Data Breach at The Coca-Cola Company
813
HIGH-33
THE835080425
The California Office of the Attorney General reported that The Coca-Cola Company experienced a data breach involving the theft of several laptops assigned to its users. The breach was discovered on December 10, 2013, and reported on January 24, 2014. The specific details of the personnel information compromised are unknown.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for CC ??
What was CC's A.I Rankiteo Cyber Score in June 2026 ??
What was CC's A.I Rankiteo Cyber Score in May 2026 ??
What was CC's A.I Rankiteo Cyber Score in April 2026 ??
What was CC's A.I Rankiteo Cyber Score in March 2026 ??
What was CC's A.I Rankiteo Cyber Score in February 2026 ??
What was CC's A.I Rankiteo Cyber Score in January 2026 ??
What was CC's A.I Rankiteo Cyber Score in December 2025 ??
What was CC's A.I Rankiteo Cyber Score in November 2025 ??
What was CC's A.I Rankiteo Cyber Score in October 2025 ??
What was CC's A.I Rankiteo Cyber Score in September 2025 ??
What was CC's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on CC's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with CC ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view CC's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?