Coca-Cola investigating potential large-scale data breach

Data Breach
(Image credit: Shutterstock)

Coca-Cola has confirmed said it is investigating a possible data loss incident, after a Russia-based threat actor started selling data allegedly belonging to the company. 

As reported by The Register, a relatively new threat actor called Stormous listed 161GB of Coca-Cola data on the dark web, for sale to the highest bidder. The group claims to have lifted the data from "some of the company’s servers”.

"We are aware of this matter and are investigating to determine the validity of the claim," Coca-Cola told the publication. "We are coordinating with law enforcement."

The database is on offer for $64,000, or the next best offer, depending on the amount of data the buyer wants.

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab)

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab). Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey (opens in new tab) to get the bookazine, worth $10.99/£10.99.

Potential Coca-Cola breach

The name Stormous first started popping up in early 2022, and then in early March, when the group was linked with a data breach at Epic Games. Allegedly, the group discovered a vulnerability (opens in new tab) in the company’s internal network and used it to steal almost 200GB of data, including data on 33 million users. 

At the time, the group said it would leak information about Epic Games’ employees, but not users. However, as the data never saw the light of day, some cybersecurity experts were speculating that the entire thing was a hoax.

The group has publicly declared its support for Russia’s invasion of Ukraine, stating in a Telegram thread that it will not stand by and watch various threat actors go after Russian organizations and infrastructure. 

"And if any party in different parts of the world decides to organize a cyber-attack or cyber-attacks against Russia, we will be in the right direction and will make all our efforts to abandon the supplication of the West, especially the infrastructure," the group wrote, in Arabic. 

Via The Register (opens in new tab)

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.