The Coca-Cola Company has suspended milk production at its Fairlife dairy facilities in the U.S. following a ransomware attack.

This disruption highlights the vulnerability of critical food and beverage supply chains to cyberattacks, as a breach in IT infrastructure can lead to immediate physical production halts.

According to an SEC filing submitted on Thursday, July 17, 2026 [1], the company disclosed that the disruption was the result of a ransomware attack. The breach involved "unauthorized access by a third party to a portion of its systems," a Coca-Cola spokesperson said [2].

The attack has specifically targeted Fairlife's production operations within the United States. While U.S. facilities are currently offline, the company said its operations in Canada remain active [3].

Coca-Cola has not provided a specific timeline for when production will resume. The company said that production activities "remain suspended" as it manages the aftermath of the network breach [4].

Fairlife, a subsidiary of the Coca-Cola Company, specializes in ultra-filtered milk. The sudden halt in production could lead to regional shortages of the brand's products across the U.S. market while the company works to secure its IT environment [5].

The company is currently investigating the extent of the unauthorized access and working to restore its systems. This incident follows a growing trend of ransomware targeting industrial control systems, and corporate networks in the food sector [2].

"unauthorized access by a third party to a portion of its systems"

This incident underscores the systemic risk posed by ransomware to the 'just-in-time' delivery models used by major dairy producers. Because milk is a perishable commodity, a prolonged IT outage does not just stop data flow but halts the physical movement of goods, potentially causing immediate gaps in retail availability and financial losses for the parent company.