July 18, 2026

Fairlife halts stateside operations following ransomware breach

Chicago-based dairy company Fairlife paused U.S. production after its systems were breached in a ransomware attack.

Fairlife, maker of ultra-filtered milk and Core Power protein shakes, is a subsidiary of the Coca-Cola Co.

The company said Thursday that the breach included parts of Fairlife’s production systems, but product quality and safety were not affected. However, “the full scope, nature and impacts of the incident are not yet known,” according to its news release. Fairlife’s production in Canada is unaffected.

The company is investigating and assessing the incident with the help of cybersecurity experts and has notified law enforcement. It’s working to restore systems and operations.

There was no update as of Friday afternoon, a Coca-Cola spokesperson said.

Fairlife was founded in 2012 and bought by Coca-Cola in 2020. It’s headquartered in the West Loop and has facilities in Michigan, Arizona, New York and New Mexico.

Fairlife’s annual retail sales exceed $3 billion, according to its website.

Companies and Chicago-area institutions have faced a number of cyberattacks.

In June, Evanston Township High School was hit with a ransomware attack that forced it to temporarily cancel summer classes, sports camps and other on-campus activities.

In May, a cyberattack on the online learning platform Canvas caused disruptions at many Illinois colleges and schools. Canvas’ temporary shutdown forced the University of Illinois Urbana-Champaign to postpone some exams and assignments.

A ransomware attack has forced Fairlife, the Chicago-based dairy manufacturer owned by Coca-Cola, to temporarily suspend production across its U.S. operations. The company disclosed the breach on Thursday, indicating that hackers had infiltrated portions of its manufacturing infrastructure.

Fairlife produces ultra-filtered milk products and Core Power protein beverages, generating more than $3 billion in annual retail sales. The company emphasized that the incident has not compromised the safety or integrity of its products, though it acknowledged that the complete details of the attack remain unclear.

“The full scope, nature and impacts of the incident are not yet known,” the company stated in a written statement. Manufacturing operations in Canada are continuing without interruption.

The dairy company has mobilized cybersecurity professionals to investigate the attack and has alerted law enforcement authorities. Efforts to restore damaged systems and resume normal operations are underway.

As of Friday afternoon, Coca-Cola representatives had provided no additional details about the incident’s resolution or timeline for resuming U.S. production.

Fairlife was established in 2012 and acquired by Coca-Cola a decade later. The company maintains its headquarters in Chicago’s West Loop neighborhood and operates manufacturing facilities in Michigan, Arizona, New York, and New Mexico.

The attack adds to a troubling pattern of cybersecurity incidents affecting the Chicago region. Evanston Township High School suffered a ransomware assault in June that disrupted summer programming, while a May cyberattack on the Canvas learning management platform created widespread disruptions across Illinois educational institutions, forcing the University of Illinois Urbana-Champaign to reschedule examinations.