Author: admin

Powdered whole milk used to make ByHeart infant formula could be a source of contamination that led to an outbreak of botulism that has sickened dozens of babies, U.S. health officials indicated Friday.

Testing by the U.S. Food and Drug Administration found the type of bacteria that can cause the illness in two samples linked to the formula, officials said.

The agency found that bacteria in an unopened can of formula matched a sample from a sick baby — and it also matched contamination detected in samples of organic whole milk powder used to make ByHeart formula and collected and tested by the company.

FDA testing also found contamination in a sample of whole milk powder supplied to ByHeart — and it matched the germ in a finished sample of the company’s formula.

The findings are not conclusive, and the investigation continues “to determine the source of the contamination,” the agency said in a statement.

A ByHeart official said the finding helps shed light on what has become a “watershed moment” for the company.

“We are focused on the root cause and our responsibility to act on what we’ve learned to help create a safer future for ByHeart and infant formula,” said Dr. Devon Kuehn, ByHeart’s chief scientific and medical officer.

Neither FDA nor ByHeart named the supplier of the powdered whole milk.

At this time, there is no indication of a broader problem in the infant formula supply, the FDA said.

New York-based ByHeart has been at the center of a food poisoning outbreak that has sickened 51 babies in 19 states since December 2023. The problem was identified in November after officials with the California program that supplies the sole treatment for infant botulism detected a surge in cases in babies who consumed ByHeart formula.

No new cases in the outbreak have been identified since mid-December, the U.S. Centers for Disease Control and Prevention said.

ByHeart initially recalled two lots of formula, but it expanded the recall to all products days later. Federal health officials later said they could not rule out contamination of all products made since the company launched in March 2022.

That followed company testing, announced in November, that found six of 36 samples of formula from three different lots contained the dangerous type of bacteria that causes infant botulism.

Illnesses caused by botulism bacteria in infant formula are rare, and the size and scope of the ByHeart outbreak is unprecedented, food safety experts said.

Some formula companies do test raw materials and finished formula for evidence of the contamination, but such testing should be required, said Sarah Sorscher, director of regulatory affairs for the Center for Science in the Public Interest, an advocacy group.

“FDA has not announced a plan to do testing, and that’s what we really want to see them do,” she said.

Even if the contamination was traced to a milk supplier, the company remains responsible for the harm caused by its product, said Bill Marler, a Seattle food safety lawyer who represents more than 30 families of babies who fell ill.

“Just because they are able to point the finger at dried powder as the ingredient that may have been contaminated, it doesn’t take any of the legal or moral responsibility away from ByHeart,” Marler said.

ByHeart, which accounted for about 1% of the U.S. infant formula market, previously sold about 200,000 cans of the product per month. It was marketed as an option close to human breast milk, one that used “organic, grass-fed whole milk.” Parents of babies sickened in the outbreak said they chose the formula, which cost about $42 per can, because of its touted health benefits.

___

The Associated Press Health and Science Department receives support from the Howard Hughes Medical Institute’s Department of Science Education and the Robert Wood Johnson Foundation. The AP is solely responsible for all content.

The Genesis of Collective Defense

At certain moments in a career, you get the rare opportunity to look back and say, this work mattered. Not because of an individual accomplishment, but because it contributed to something larger — something that changed how an industry thinks and operates. The Cyber Threat Alliance (CTA) is one of those efforts.

When the CTA was first conceived in 2014, the cybersecurity industry looked very different than how it does today. Threat intelligence was widely viewed as a competitive advantage, tightly guarded and rarely shared beyond company walls. Collaboration between major security vendors — especially direct competitors — was almost unheard of. The prevailing mindset was simple: information was power, and power was proprietary.

Against that backdrop, a bold idea emerged: What if competitors worked together for the collective defense of customers and the broader digital ecosystem? What if sharing high-fidelity threat intelligence could raise the cost for adversaries and make everyone safer? As Mark McLaughlin, then CEO of Palo Alto Networks, famously put it at the time, the importance of the future CTA was clear: “Don’t let this fail.”

With that charge, four industry leaders — Palo Alto Networks, Fortinet, McAfee (Intel Security) and Symantec — came together on a handshake agreement to prove that collaboration at scale was not only possible, but necessary. It was, by any measure, a radical idea. Yet those early conversations laid the foundation for what would become the Cyber Threat Alliance.

The Architecture of Trust: Turning Vision into Reality

Turning that vision into reality required more than shared intent. A small working group representing each founding company was tasked with answering hard questions: what the CTA should be, what it should not be and how it could operate independently while earning trust across the industry. With guidance from experts familiar with the ISAC and ISAO landscape, the group worked through governance models, legal frameworks and operational structures. This involved reading more bylaws and legal documents than anyone ever hoped to encounter, but it was essential work. The CTA needed to be built deliberately, with integrity and clarity of purpose.

As the organization took shape, strong leadership became critical. That need was met when Michael Daniel, fresh from serving as Cybersecurity Coordinator for President Obama, stepped in to lead the CTA. His experience, credibility and ability to navigate both policy and industry realities helped propel the organization forward during its formative years.

Fast forward to 2026. As the CTA marks its ninth anniversary, the mission that sparked its creation remains relevant and urgent. The CTA has grown its influence beyond data sharing.

The CTA stands in a unique position to provide oversight and technical influence as a global leader in cybersecurity policy by representing the member companies in one place. With the expanding membership that spans across the globe, the CTA is now an essential piece of global cybersecurity infrastructure. Adversaries continue to evolve, borders remain irrelevant to cyber threats and no single organization can defend alone. What has changed is our proof point: collaboration works.

Reflecting on Nine Years and the Road Ahead

For those of us who have had the privilege of being involved since the earliest days, it has been remarkable to watch a bold idea turn into a trusted global institution. What began as a handful of competitors agreeing to try something different has grown into an organization that meaningfully influences how the industry shares intelligence, engages on policy and works together to protect customers worldwide.

Being part of that journey — helping shape the foundation, watching it mature and continuing to support its growth — has been one of the most professionally rewarding experiences of my career.

The CTA’s success is not defined solely by years or membership numbers, but by the collective commitment of its members to act in the interest of the broader ecosystem. Every shared indicator, every technical contribution and every policy engagement strengthens not just individual companies, but the security of communities across the globe.

As we look ahead, the call to action is simple: stay engaged, stay committed and continue to collaborate. Whether through sharing intelligence, contributing technical expertise or helping shape global cybersecurity policy, each member plays a role in ensuring the CTA remains a trusted and effective force against today’s most pressing cyber threats.

The work is far from done. Together, we are better positioned than ever to meet what comes next.

Happy 9th Anniversary, CTA!

Additional Resources

Sharing Threat Intelligence Makes Everyone Safer – Michael Sikorski, Palo Alto Networks

More About The Author

Kathi Whitbey is the Lead Principal Program Manager for Unit 42 at Palo Alto Networks, where she has spent more than a decade driving strategic programs and initiatives. She played a pivotal role in the formation and incorporation of the Cyber Threat Alliance (CTA), including leading early efforts to design and operationalize the CTA Platform for secure intelligence sharing among member companies.Deeply committed to the mission of Unit 42,

Kathi is a strong advocate for the team’s work and a dedicated mentor to emerging professionals in cybersecurity and risk management. Her career includes leadership roles in software development management and technical training across multiple U.S. government organizations, including the Department of State, where she traveled globally to deliver training on custom software applications. In addition to her professional work, Kathi has served as a volunteer Emergency Medical Technician, including a 12-month deployment supporting the U.S. Navy at Camp Lemonnier in Djibouti, Africa. She holds a Master’s degree in Information Systems and brings together technical expertise, operational leadership and a deep commitment to service and collaboration.