+44 (0) 121 582 0192 [email protected]


In the world of candy manufacturing, The Hershey Company is a name synonymous with delicious treats like Reese’s Peanut Butter Cups and Hershey’s chocolates. However, in a digital age, even the sweetest of companies can fall victim to a bitter reality: data breaches. Recently, Hershey found itself grappling with a data breach incident that impacted 2,214 individuals, highlighting the ever-present threat of cyberattacks in today’s interconnected world.


The Incident

Between September 3rd and 4th, The Hershey Company, an American confectionery giant, fell victim to a phishing attack. An unauthorized user infiltrated several employee accounts, compromising the personal data of 2,214 individuals. Potentially compromised data ranged from personal information like first and last names, dates of birth, and contact details to more sensitive data, including driver’s license numbers, credentials for online accounts, health and medical information, financial account details, debit or credit card information, and access codes.


The Response

Hershey’s response was swift. The company promptly detected the breach and engaged a forensic team and law enforcement to assess the impact. Despite no evidence of data misuse, Hershey notified the affected individuals, embodying a cautionary approach in line with best practices in data breach response.


The Implications

The varied nature of the compromised data raises significant concerns. From identity theft to financial fraud, the repercussions for the individuals affected could be far-reaching. The incident underscores the need for robust cybersecurity measures and highlights the importance of awareness and training in recognizing phishing attempts.


The Role of Data Privacy Consultants

In this digital era, the expertise of data privacy consultants like Formiti Data International Ltd has become invaluable. Specializing in global data protection law compliance, our role extends beyond the aftermath of a breach. We proactively work with clients across 120 countries, ensuring they are not only compliant but also equipped with the best practices to prevent such incidents. Our services, detailed at Formiti Global Data Privacy Services, include risk assessments, policy development, and employee training tailored to each organization’s unique needs.


Safeguarding Your Data

As individuals, the responsibility of protecting our data starts with us. Vigilance in recognizing phishing emails, securing our online accounts, and being cautious about the information we share online are critical steps. Additionally, consulting with data privacy experts can provide an added layer of security.



The Hershey data breach incident, though limited in scope, serves as a crucial reminder of the ever-present threats in our digital world. As we navigate this landscape, the role of data privacy consultants becomes more critical than ever. If you are concerned about your data security or compliance with global data protection laws, Formiti Data International Ltd offers comprehensive services to guide and protect your organization.