Oklahoma Chain Braum’s Suffers Second Ransomware Attack, Disrupting Operations

On January 29, 2025, Braum’s Ice Cream and Dairy Stores, headquartered in Oklahoma City, Oklahoma, experienced a second ransomware attack, once again disrupting operations across its 300+ locations. While details of this latest attack remain unclear, it follows a July 16, 2024, ransomware attack by Hunters International, which resulted in 1.5 TB of stolen sensitive data, including employee records, financial documents, proprietary product formulas, and legal information. The latest breach has forced Braum’s to shut down drive-thrus and digital payment systems, with many locations relying on manual order processing and cash-only transactions.

Given the scale of the previous breach, cybersecurity experts suspect that persistent vulnerabilities in Braum’s network may have enabled the attackers to strike again. The 2024 attack was linked to Hunters International, a Ransomware-as-a-Service (RaaS) group with ties to the dismantled Hive ransomware operation. While it is not confirmed whether the same group is behind this second breach, the similarities suggest Braum’s may have remained a high-risk target. As the company works to restore systems store by store, this incident highlights the urgent need for enhanced cybersecurity defenses to prevent further disruptions.