stats count
Friday, May 20, 2022
Home Technology Puma hit by data breach after Kronos ransomware attack

Puma hit by data breach after Kronos ransomware attack


Image: Puma

Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit Kronosone of its North American workforce management service providers, in December 2021.

The data breach notification filed with several attorney generals’ offices earlier this month says the attackers also stole personal information belonging to Puma employees and their dependents from the Kronos Private Cloud (KPC) cloud environment before encrypting the data.

Kronos describes KPC as secure storage protected from attacks using firewalls, multi-factor authentication, and encrypted transmissions.

It’s used as a server facility for hosting Workforce Central, Workforce TeleStaff, Enterprise Archive, TeleTime IP, Extensions for Healthcare (EHC), and FMSI environments.

Right after the attack, a Kronos customer impacted in the incident told BleepingComputer that they had to go back to using paper and pencil to cut checks and monitor timekeeping.

Thousands affected, almost half of all Puma employees

“Since the attack was discovered, Kronos has been conducting a comprehensive review of the impacted environment to determine whether any individual’s personal information was subject to unauthorized access or acquisition,” written letters sent to impacted individuals on February 3 say.

“On January 7, 2022, Kronos confirmed that some of your personal information was among the stolen data. We notified PUMA of this incident on January 10, 2022.”

While the breach notification does not mention how many Puma employees had their info stolen during the attack, information provided to the Office of the Maine Attorney General reveals that the ransomware operators got their hands on data belonging to 6,632 individuals.

Puma also said that the documents stolen during the Kronos ransomware attack include Social Security Numbers in filings with the same office.

People affected by this data breach were also offered two years of free Experian IdentityWorks membership, which comes with credit monitoring, identify restoration, and identity theft insurance.

Puma is one of the world’s leading sports brands with 14,300 employees worldwide and € 5.23 billion in sales during 2020.

Hackers also stole source code for an internal Puma application in August and put it up for sale on the Marketo data leak portal. The attack was confirmed by the head of Puma’s corporate communications, Robert-Jan Bartunek.

A Puma spokesperson was not available for comment when contacted by BleepingComputer earlier today.



Source link

RELATED ARTICLES

The Greatest Baseball Spans Ever

OK, so the essential Baseball-Reference has yet another incredibly cool new feature called “Spans,” which allows you to take a look at a...

PFF lists Cowboys rookie Jalen Tolbert as potential breakout candidate

The Dallas Cowboys offense is facing a tall task this season as they look to re-find a version of themselves that...

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular

The Greatest Baseball Spans Ever

OK, so the essential Baseball-Reference has yet another incredibly cool new feature called “Spans,” which allows you to take a look at a...

PFF lists Cowboys rookie Jalen Tolbert as potential breakout candidate

The Dallas Cowboys offense is facing a tall task this season as they look to re-find a version of themselves that...

Tesla’s stock price is plummeting

Placeholder while article actions loadTesla's stock - and Elon Musk's wealth - took a huge hit Friday, continuing a downward spiral and possibly...

Recent Comments