Kronos Ransomware Attack Stole Data of 6,632 Individuals Including Social Security Numbers from Puma Employees: No Consumers Compromised?

A ransomware attack that happened last year called the Kronos ransomware attack is currently still being felt up to this day. Puma, the popular sports company, has just confirmed that it did, in fact, get affected by the related breach.

Kronos Filed Notifications Regarding the Puma Data Breach

As per an article by Bleeping Computer, Kronos initially filed a notification regarding the breach some time earlier in February to a number of attorney generals' offices. Their notification stated that the attack happened due to dependence on the Kronos Private Cloud by Puma employees.

Puma employees got a letter some time last week saying that Kronos has actually been deeply "conducting a comprehensive review of the impacted environment" ever since the attack was discovered.

6,632 Individuals had Their Data Stolen from the Ransomware Attack

The review by Kronos was made in order to determine if "any individual's personal information was subject to unauthorized access or acquisition." In addition, Kronos had confirmed that a number of the employees' personal information was included in the stolen data on January 7, 2022.

The company noted that they had given Puma a notification regarding the incident as early as January 10, 2022. Kronos said in a filing that was provided to the Office of the Maine Attorney General that 6,632 individuals in total have had their data stolen.

'Social Security Numbers' Included in Stolen Data from Ransomware Attack

The data that was stolen even included "Social Security numbers." In addition, Kronos had also offered to help the affected individuals in order to mitigate the data breach by offering a care package including Experian IdentityWorks membership for two years for free.

According to the story by TechRadar, the package included identity restoration, credit card monitoring, and even identity theft insurance. Kerstin Neuber, Puma's Senior Head of Communications, gave a comment regarding the news.

Puma Head of Communications Says No Customer Data was Impacted by the Breach

As per Kerstin Neuber, there was no Puma customer data that was impacted by the breach. In addition, the ransomware operators usually try to download as much data as they can steal before encrypting all of it on the network they targeted.

By doing this, the hackers can threaten the owners of the data with releasing their data online should the victim decide not to pay the ransom or even try to "restore its systems from backup. With that, data leaks provide competitors an edge.

Read Also: Artist Found Her Art Stolen and Turned Into 86K NFTs Which Raised $300 Million and was Valued at $13.3 Billion

How the Data Breach Could Affect the Public

Data leaks also mean that "data watchdogs and other government organizations" could crash down with the public demanding for heads to roll "for the breach of privacy." In addition, a lot of firms, however, choose not to give into the demands made by the ransoms to disincentivize "future attacks."

As of the moment, there is still no guarantee that the data that was stolen will be returned by the threat actor as promised.

Related Article: 2SV Logins Effectively Halved Chances of Google Accounts Getting Hacked: 150 Million Required in 2021

This article is owned by Tech Times

Written by Urian B.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics