REvil Ransomware Breach Targets Jack Daniel’s Parent Brown-Forman — Steals 1 TB of Data

The News: The REvil ransomware breach targets Jack Daniel’s parent Brown-Forman, the Kentucky-based parent company of multiple alcohol brands including Jack Daniel’s, Finlandia vodka and Korbel champagne. The gang has gained access to Brown-Forman’s systems and devices for over a month and have purportedly exfiltrated about a terabyte of the company’s data that is now being used as leverage to extort payment from Brown-Forman. Read more at InfoSecurity.

REvil Ransomware Breach Targets Jack Daniel’s Parent Brown-Forman — Steals 1 TB of Data

Analyst Take: In discussing the REvil ransomware breach targeting Jack Daniel’s parent Brown-Forman, it’s important to note that Brown-Forman is not a small company. Headquartered in Louisville, Kentucky, the company has annual revenues in excess of $3 billion and owns whiskey and scotch brands Jack Daniel’s Woodford, Old Forester, Collingwood, Glenglassaugh, and Glendronach, and other liquor brands such as Herradura, El Jimador, Pepe Lopez tequila, Finlandia vodka, Korbel Champagne and Sonoma-Cutrer wine.

In this case, the REvil cyber gang claims to have stolen 1TB of data that includes confidential information and is attempting to force ransom from Brown-Forman by threatening to leak the data in batches on a dedicated site the gang uses to post stolen data on. REvil claims to possess confidential information about employees, company agreements, contracts, financial statements, and internal correspondence. Multiple screenshots posted by REvil to substantiate the breach show internal communications, directory trees, financial documents, contracts, and personnel data, dating as far back as 2009.

With the company having over 4,700 employees in locations all over the world, this attack reminds us that employee information can also be fairly easily compromised. A breach of this nature makes it possible that personally identifiable employee information, like home addresses, DOB, social security numbers, and even personal bank information, are in the hands of cybercriminals, which can easily lead to identity theft.

As is the case in many breach instances, Brown-Forman has been relatively quiet about the breach, but the company reports it has been working with law enforcement and is working with a data security firm.

In a statement commenting on the REvil ransomware breach, Brown-Forman said, “Unfortunately, we believe some information, including employee data, was impacted. We are working closely with law enforcement, as well as world-class third-party data security experts, to mitigate and resolve this situation as soon as possible.” Brown-Forman has also stated that at the moment there are no active negotiations with the attacker.

REvil is a major player in the ransomware game, using a ransomware-as-a-service model that has proven to be incredibly lucrative.

The REvil ransomware breach targeting Brown-Forman and the recent $10 million Garmin ransomware attack is evidence that these type of cyber-attacks are becoming more frequent and more sophisticated in terms of strains. Ransomware that used to attack end users’ personal PCs are now being strategically launched against large corporations or even government entities. As I have predicted in the past, these attacks will become more prominent during the global pandemic since companies are already facing the challenges of accelerated digital transformation while possibly also short-staffed, and may be more vulnerable to cyber-attacks.

At this point it is wait-and-see as to whether Brown-Forman will give in to the REvil cyber gang, and of course we’ll really only know whatever information the company ultimately chooses to release on that front. That said, the list of companies targeted by cyber criminals grows longer by the day, and it’s only a matter of time before the next large corporation is held for cyber ransom. Companies must remain on guard and beef up security measures as much as they can, through solution updates and making sure security teams have the latest training.

Futurum Research provides industry research and analysis. These columns are for educational purposes only and should not be considered in any way investment advice.

Other insights from the Futurum team:

Twitter Hacker’s Virtual Court Hearing Gets Zoombombed

Garmin Cyber-attack Garners Up To $10 Million Ransom To Hackers

What the Massive Twitter Hack Means for CISOs and Security Vendors

Image Credit: teiss

Author Information

Sarah most recently served as the head of industry research for Oracle. Her experience working as a research director and analyst extends across multiple focus areas including AI, big data and analytics, cloud infrastructure and operations, OSS/BSS, customer experience, IoT, SDN/NFV, mobile enterprise, cable/MSO issues, and managed services. Sarah has also conducted primary research of the retail, banking, financial services, healthcare, higher ed, manufacturing, and insurance industries and her research has been cited by media such as Forbes, U.S. News & World Report, VentureBeat, ReCode, and various trade publications, such as eMarketer and The Financial Brand.

Related Insights
Kore.ai and Atos Bet on Sovereign Agentic AI, Will UK Enterprises Demand Proof, Not Promises?
July 8, 2026

Kore.ai and Atos Bet on Sovereign Agentic AI, Will UK Enterprises Demand Proof, Not Promises?

Kore.ai and Atos announce a strategic partnership to deliver Sovereign AI solutions to UK organizations, addressing data residency and compliance requirements in the rapidly expanding $181B AI platforms market....
ServiceNow and Accenture Bet on Migration to Win Enterprise Risk
July 7, 2026

ServiceNow and Accenture Bet on Migration to Win Enterprise Risk

Fernando Montenegro, VP at The Futurum Group, examines the ServiceNow and Accenture cybersecurity offering, and why its AI-powered migration and the Armis acquisition point to a bid to become the...
Compliance as Code Is No Longer Optional: Why Manual Reviews Can’t Keep Up
July 4, 2026

Compliance as Code Is No Longer Optional: Why Manual Reviews Can’t Keep Up

Qodo's 'Compliance as Code' framework automates enterprise AI compliance through PR checks, solving the data privacy and security gaps that plague manual reviews at scale....
Brave's Browser Containers Raise the Bar for Privacy and Workflow Flexibility
July 3, 2026

Brave’s Browser Containers Raise the Bar for Privacy and Workflow Flexibility

As AI platform adoption accelerates to $181.3B projected market size, Brave's v1.92 release introduces native browser containers addressing data privacy concerns for 52.6% of enterprise decision makers managing multi-cloud AI...
The Hard(er) Challenge in Agent Governance Is Authorization
June 25, 2026

The Hard(er) Challenge in Agent Governance Is Authorization

Fernando Montenegro, VP at Futurum Group, argues that the launch of the Agent Control Standard does not close the agent governance gap, and that "shrinkage," not universal coverage, is the...
Can Cisco Widen Splunk’s Agentic SOC Capabilities With WideField
June 25, 2026

Can Cisco Widen Splunk’s Agentic SOC Capabilities With WideField?

Fernando Montenegro, VP at Futurum, examines Cisco's planned acquisition of WideField Security and how deeper identity and session intelligence could strengthen Agentic SOC capabilities as enterprises deploy more AI agents...

Book a Demo

Welcome

The vision behind everything in Futurum’s Custom Research practice is this: research should show you what is happening, what comes next, and what to do about it. It should be personal to each audience, easy for people to grasp, and structured so LLMs can reason over it accurately. And it should be fast and turnkey; you want answers now, not another project to carry for quarters.

Whether you are defining business, channel, or go-to-market strategy; evaluating vendors or justifying ROI; or commissioning research to fill an emerging market need, we have your back, with a program that answers your questions with the objectivity and credibility to drive real decisions.

To do it, we bring unmatched data to bear: Futurum research, surveys, and market projections; validated market feeds; ETR’s 15 years of insight from 10,000 technology decision-makers; G2’s buyer and user data; and what our analysts hear every day. Add leading primary collection, from AI-moderated voice interviews to surveys and analyst-led interviews, all turnkey, and every project comes out credible, nuanced, and actionable.

And we don’t just drop the results in your lap. For internal work, we provide analyst-led sessions, interactive dashboards, and a range of formats. For market-facing work, Futurum delivers turnkey activation and amplification that actually gets seen, by people and by LLMs, through our media and share of voice. This is research that moves decisions and markets.

We will meet you wherever you are, from a fast-turn brief to a multi-year program, and shape the work to your goals, timeline, and budget. The right program for your moment.

If any of this is useful, I would love to talk.

Benjamin Brown, VP Custom Research, Futurum Research

Benjamin Brown

VP, Custom Research · The Futurum Group

Newsletter Sign-up Form

Get important insights straight to your inbox, receive first looks at eBooks, exclusive event invitations, custom content, and more. We promise not to spam you or sell your name to anyone. You can always unsubscribe at any time.

All fields are required






Thank you, we received your request, a member of our team will be in contact with you.