More than 1GB of Puma source code data stolen by hackers; customer information not affected

September 21, 2021
Puma 1GB source code data stolen hackers dark web

Puma, a German multinational firm that manufactures athletic apparel, has recently been attacked by hackers who have stolen their data. The hackers threaten the company to distribute their private information through the dark web if they do not pay the ransom demand. 

Researchers have also learned that Puma’s stolen information, specifically their source code for internal application, had already been leaked on the dark web portal by the end of August. However, it was highlighted that no employee or client data was affected by the attack.

 

Reports say that over 1GB of Puma data had been stolen as claimed by the hackers. 

 

These threat actors had to prove their claims by leaking some sample data from the files they had stolen from Puma. And based on the structure of the leaked partial data structure, it might have been through a Git source code repository that the attackers managed to acquire or steal the company’s data. 

The stolen data can be found and listed on Marketo – a simplistic-fashioned dark web portal launched last April this year.  

The Marketo dark web portal administrators operate by initially listing their upcoming victims and then adding theft pieces of evidence or proof that they have managed to intrude on the victim’s network. The proofs are usually uploaded in a small-sized downloadable archive format. Next, the threat actors will threaten the victims by exposing the stolen data on the platform either as a free download for all or for VIP members, unless the victims cooperate and pay the ransom demand. 

Nonetheless, the administrators claim that they are not working with ransomware gangs and provide their data through several hacking groups. 

The threat actors of the dark web leak portal have told the researchers that Puma has not yet reached out to them to negotiate. If the company declines to cooperate with them, they threaten to release the rest of Puma’s data on the platform. 

Aside from Puma, other company names listed on the dark web portal include Fujitsu, Kawasaki, and a lot more others that can be counted to be over 20. 

About the author

Leave a Reply