Sportswear brand Puma has been hit by a ransomware attack. The personal details of almost half of the staff were stolen. It is unknown if the attackers demanded a ransom.
BleepingComputer reports this, based on notifications filed with the attorneys general of various American states.
Puma target of ransomware attack
Puma is an internationally known brand that sells sportswear, sneakers and other sporting goods. Worldwide, the German-based sports company employs more than 14,300 people and is active in 120 countries. In 2020, Puma achieved a turnover of more than 5.2 billion euros. In short, the manufacturer processes data from many customers, employees and business partners. That is an ideal recipe for hackers to make a big haul if security is not in order.
Puma has informed several attorneys general in multiple US states that the company was hit by a ransomware attack in December 2021. In such an attack, hackers install ransomware on the computer network to encrypt confidential and sensitive data. This data is then only accessible with a decryption key, which is of course in the possession of the attackers. The victim gets this key when paying the ransom. Depending on the size of the company, that amount can be quite high.
Personal data of more than 6,600 employees stolen
In a letter to victims (PDF), Puma writes that the data comes from the Kronos Private Cloud. The administrator of the cloud environment experienced a number of disruptions at the end of last year and investigated them. It found that ransomware was responsible for these interruptions.
Next, security researchers discovered that “an unauthorized person” had access to personal information stored in the cloud. On Monday, January 10, Kronos notified the sports brand of the data breach. The cloud provider says it has taken additional security measures to prevent a recurrence in the future. An external cybersecurity company is also helping to identify the exact cause of the ransomware attack.
The Maine Attorney General said the personal data of 6,632 Puma employees was stolen in the attack. He does not say exactly what data the hackers stole. The only data he mentions is Social Security numbers. Victims are offered a two-year membership to Experian IdentityWorks. Victims can recover from this insurer any financial damage resulting from identity fraud caused by the data breach.
Hackers steal application source code
It is not the first time that Puma has been targeted by hackers. They also struck the company in August 2021. At that time, they stole the source code of an application that Puma was developing. No customer data was stolen in that attack, the head of the communications department, Robert-Jan Bartunek, confirmed at the time. The source code was sold through the Marketo data breach portal.