Ransomware Group aurora Hits: Allan Brothers Fruit

16 June 2026

In the latest cybersecurity news, Allan Brothers Fruit — a company operating in the US — has fallen victim to a ransomware attack conducted by the group aurora. This data breach, discovered on 2026-06-16T13:22:03.166497+00:00, underscores the increasing need for proactive cybersecurity defenses as we continue through 2025.

In response to increasing cyber threats, it’s critical to protect your organization with proactive security measures. HookPhish provides enterprise-grade solutions designed to reduce your risk of future attacks:

Phishing Simulation – Test and improve employee readiness with realistic, controlled phishing campaigns.
Cybersecurity Awareness Training – Educate your team to recognize and respond to common attack tactics.
Data Breach Monitoring – Get real-time alerts if your organization’s data appears in public or dark web breaches.
Phishing Detection and Response – Detect, investigate, and neutralize phishing threats before they cause damage.

Protect your organization before it becomes the next headline. Explore HookPhish.

Incident Report

Attribute	Information
Target Organization	Allan Brothers Fruit
Threat Group	aurora
Summary	[food] Allan Brothers, Inc. — a third-generation, family-owned tree-fruit operation headquartered in Naches, Washington. Allan Brothers packs and ships apples and cherries from a 300,000 sq ft cold-storage facility, employing roughly 45 full-time staff and up to 2,000 seasonal workers during peak harvest. Eight server volumes: 14,228 employee records from ADP Workforce Now — names, dates of birth, phone numbers, gender, employment history, photos — covering every person who has ever worked at Allan Brothers, including seasonal cherry pickers, H-2A visa workers, and office staff. W-2 tax filings with full Social Security Numbers for employees across eight legal entities (ALLAN, ABMEXICO, ABSAGE, ABSAGEMOOR, ABVINEYARD, ABAG, ABSHELTON, ABFROST). Direct deposit forms with bank routing numbers and account numbers for named individuals — the raw ingredients for ACH fraud. H-2A visa worker tracking spreadsheets listing which workers have or are missing Social Security Numbers, plus I-9 employment eligibility audits — exposing immigration status for the most vulnerable members of the workforce. A complete Oracle RMAN database backup of the Famous Software production system — the company’s grower settlement, customer pricing, and lot-tracking engine. 1.3 GB of employee badge photos — facial images linked to names and employee IDs for hundreds of workers. COBOL-era accounting databases spanning 8 legal entities — GL, AP, AR, payroll, and W-2 filing data going back years. OSHA incident logs naming workers who sustained injuries, with injury descriptions and treatment details.
Date of Breach	2026-06-16T00:00:00+00:00
Discovery Date	2026-06-16T13:22:03.166497+00:00
Region	US
Target Domain	Allan Brothers Fruit
Business Sector	Agriculture and Food Production

Don’t wait for a breach to take action — stay informed and take control of your cybersecurity posture today.

You can also check if your organization’s data has been exposed using our free Data Breach Checker.

Disclaimer: HookPhish does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.