Puma discloses data breach caused by ransomware attack: Attack via Kronos Private Cloud?


Sportswear maker Puma has disclosed that it has been the victim of a data breach.

https://apps.web.maine.gov/online/aeviewer/ME/40/10394643-6f4e-49ff-884a-9977602932a9.shtml

According to a data breach notification filed with the Maine Attorney General’s Office, the attackers also stole personal information belonging to Puma employees and their dependents from the Kronos Private Cloud (KPC) environment before encrypting the data.

KPC is used as a server facility to host Workforce Central, Workforce TeleStaff, Enterprise Archive, TeleTime IP, Extensions for Healthcare (EHC), and FMSI environments.

Thousands affected – almost half of all Puma employees

A letter sent by KPC to affected individuals on Feb. 3 states, “Since the discovery of the attack, Kronos has conducted a comprehensive review of the affected environment to determine if individuals’ personal information has been subject to unauthorized access or acquisition.

“Kronos has confirmed that your personal information was included in the data stolen on January 7, 2022. We notified PUMA of this matter on January 10, 2022.”

While the breach notice does not mention the number of Puma employees whose information was stolen in the attack, information provided to the Maine Attorney General’s Office reveals that the ransomware group obtained data belonging to 6,632 individuals.

Also, the documents stolen in the Kronos ransomware attack contained Social Security numbers, according to the company.

In addition, those affected by the data breach have been offered a free two-year membership to Experian IdentityWorks, which includes credit monitoring, identity recovery and identity theft insurance.

Puma is one of the world’s leading sports brands, employing 14,300 people worldwide and generating sales of €5.23 billion in 2020.

The attacker also stole the source code of Puma’s internal application in August and sold the data on the data leak portal Marketo.

Kerstin Neuber, senior head of communications at Puma, said Puma’s customer data was not affected.

On January 10, 2022, PUMA North America received notification that one of PUMA’s vendors, UKG/Kronos, was affected by a ransomware incident. The intrusion occurred only within UKG/Kronos’ systems; systems on PUMA’s network were not compromised, and PUMA’s customer data was not affected.

The incident was confined to Kronos’ private cloud.

UKG/Kronos says it has engaged cybersecurity experts and is in contact with those affected.
