
The beverage giant disclosed the incident in a July 2026 Form 8-K filing with the U.S. Securities and Exchange Commission, stating that production at Fairlife’s U.S. facilities is temporarily suspended while cybersecurity experts investigate. The company emphasized that product quality and retail safety have not been compromised.
Fairlife’s Canadian production operations remain unaffected, according to Coca-Cola’s statement. The company said it is working to complete the investigation and restore impacted systems and operations, but did not provide a timeline for when production might resume.
Key details about the attack, including whether sensitive employee or consumer data was exfiltrated, whether a ransom demand was made, or which threat actor is responsible, have not been disclosed. No ransomware group has claimed responsibility for the breach.
Fairlife, known for its ultra-filtered milk and Core Power protein shakes, is one of Coca-Cola’s major brands, with estimated sales of $4 billion in 2024. Coca-Cola completed its purchase of Fairlife from Select Milk Producers in 2020 for roughly $7 billion.
Ransomware attacks on food and beverage companies have previously caused weeks-long production disruptions and empty grocery shelves, as seen in a 2025 attack on United Natural Foods, a major distributor to retailers like Whole Foods.
Other news coverage

NRI Herald • July 18, 2026

NRI Herald • July 18, 2026

NRI Herald • July 17, 2026

NRI Herald • July 17, 2026