Puma suffers data breach caused by Kronos ransomware attack

The impact of last year's Kronos ransomware attack is still being felt, with sports equipment company Puma now confirming it has suffered a related breach.

As reported by Bleeping Computer, Kronos filed a breach notification with the offices of several attorneys general earlier this month, stating that the attackers took data on Puma employees and their dependents from the Kronos Private Cloud (KPC).

"Since the attack was discovered, Kronos has been conducting a comprehensive review of the impacted environment to determine whether any individual’s personal information was subject to unauthorized access or acquisition," said a letter delivered to affected Puma employees last week.

"On January 7, 2022, Kronos confirmed that some of your personal information was among the stolen data. We notified Puma of this incident on January 10, 2022."

Puma employees under attack

In the filing provided to the Office of the Maine Attorney General, Kronos said that a total of 6,632 individuals have had their data stolen, including Social Security numbers. 

To mitigate the effects of the data breach, Kronos has offered the affected individuals a care package that includes two years of free Experian IdentityWorks membership (credit card monitoring, identity restoration, and identity theft insurance).

Commenting on the news, Puma's Senior Head of Communications, Kerstin Neuber, said that no Puma customer data was impacted.

Before encrypting all of the data on the target network, ransomware operators usually download as much of it as possible. That way, they can threaten to release the data online if the victim declines to pay the ransom or attempts to restore its systems from backup.

Not only do data leaks mean competitors might edge ahead, but they also mean data watchdogs and other government organizations may come crashing down, demanding heads roll for the breach of privacy.

Nonetheless, many firms choose not to cave in to ransom demands, with a view to disincentivizing future attacks. There is also no guarantee the threat actor will return the stolen data as promised.

Via BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.