Strauss Borrelli PLLC, a leading data breach law firm, is investigating WK Kellogg Co. regarding its recent data breach. The WK Kellogg data breach involved sensitive personal information belonging to an undetermined number of individuals.
ABOUT WK KELLOGG CO.:
WK Kellogg is a food manufacturer, marketer, and distributor based in Michigan. Founded in 1894, WK Kellogg specializes in breakfast cereal and has a wide array of brands including Frosted Flakes, Froot Loops, Frosted Mini Wheats, Special K, Rice Krispies, Raisin Bran, Corn Flakes, Corn Pops, Apple Jacks, and more.2 In 2024 fiscal year, WK Kellogg’s net sales totaled over $2.7 billion.3 Headquartered in Battle Creek, Michigan, WK Kellogg employs over 1,000 individuals.
WHAT HAPPENED?
Recently, WK Kellogg reported to the Attorney General of New Hampshire that it had experienced a data breach in which sensitive personal identifiable information in its care may have been accessed. According to the breach notice, on February 27, 2025, WK Kellogg learned that a vendor it uses for secure file transfers, Cleo, had experienced a security incident.1 As a result, WK Kellogg launched an investigation to determine the nature of the incident.
Through its investigation, Cleo informed WK Kellogg that sensitive personal information in the servers Cleo hosted that were used for transferring employee files to WK Kellogg human resources service vendors had been compromised by an unauthorized individual on December 7, 2024.1 As a result, WK Kellogg began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. The exact type of personal information potentially exposed has not been made publicly available by WK Kellogg. However, according to state reporting guidelines, “personal information” can include the following types of information:
- Name
- Social Security number
- Driver’s license or other government identification number
- Account number, credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account
On April 4, 2025, WK Kellogg began mailing data breach notification letters to impacted individuals. Based on the breach notice sent to New Hampshire residents, WK Kellogg is providing affected individuals with a list of the specific types of sensitive information impacted and complimentary credit monitoring services. A link to the form breach notification letters that WK Kellogg Co. filed with the Attorney General of New Hampshire is below.
If you received a breach notification letter from WK Kellogg Co.:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
