Puma under ransomware attack

The sportswear maker Puma faced a cyberattack where the hackers have demanded a ransom. These attackers have threatened that failure to do so will lead to releasing the stolen files on a dark web portal renowned for the leaking and selling of stolen information.

According to the head of Puma’s corporate communications, Robert-Jan Bartunek Puma’s source code for an internal application was leaked, and no customers or employee data was affected.

Also read: Olympus hit by Ransomware

As per the hackers, they have possession of above 1 GB of Puma data.

The threat actor also leaked some files as samples to add weight to the claims. The structure of these indicates that the hackers might have been gotten access to the company’s data from a Git source code repository.

The data is released on Marketo currently, which is a dark web launched recently to leak data from hacked companies.

In such a setting, site administrators firstly list upcoming victims and then put up the proof, which is usually a small downloadable archive, indicating that the network has been breached.

If the target company fails to cooperate with the threat actors, then the stolen data is leaked on the site. This is either in the form of a free download or a restricted one for VIP members.

The website claims to list data provided by various hacking groups. It also states that it’s not linked to ransomware gangs.

The dark web administrator informed The Record that Puma hasn’t contacted them as yet. And they added that if Puma declines the negotiations, then the rest of the data will be released.

There are many other names listed on the site. Fujitsu also informed ZDNet‘s Jonathan Greig that the data listed on Marketo was not linked to an attack on its network, stating that it would have been obtained from a third party.