Puma hit by data breach following Kronos ransomware attacks, information of about half of its employees stolen

Puma has been the latest target of threat actors who exploited the vulnerabilities in the Kronos Private Cloud to extract the private information of thousands of Puma's employees.

Sports manufacturer Puma reportedly suffered a data breach after the recent Kronos ransomware attacks. As per reports sharing details of the attacks, the attackers managed to steal the personal information of thousands of Puma employees and their dependents from the Kronos Private Cloud (KPC).

The information has come to light through the data breach notifications filed with several attorney generals' offices earlier in February. A written letter by Kronos to the victims of the data theft on February 3 also elaborates on the data breach. The letter explains that Kronos, after performing a comprehensive review of the situation, found that some of the personal information of several Puma employees was among the stolen data.

Kronos discovered this on January 7, 2022, and notified Puma of the incident on January 10. It didn't, however, mention the total number of Puma employees affected by the data breach in its notification to the firm. This information was provided to the Office of the Main Attorney General. As per the shared details, the ransomware attack led to data theft of a whopping 6,632 Puma employees.

Kronos mentioned the Social Security numbers of Puma employees to be one of the data points stolen during the attack. Other impacted data was the information provided by Puma to Kronos "in connection with the services" it provides to PUMA. In response to a report of the data theft by Bleeping Computers, Puma's Senior Head of Communications Kerstin Neuber confirmed that no Puma customer data was impacted by the ransomware attack.

The data breach, instead, occurred solely within the UKG/ Kronos’ systems. Specifically, it impacted the Kronos’ Private Cloud or KPC as secure storage protected from a wide range of cyberattacks. Since the data theft came to light, UKG/ Kronos has brought in cybersecurity experts to mitigate the effect of the ransomware theft. It has also notified the authorities and communicated with impacted users.

Since the data theft affects about half of all Puma employees, reported to be around 14,300 globally, it can be expected that the firm is following a rapid mitigation strategy against the attack. In addition, the affected users were offered two years of free Experian IdentityWorks membership, which also includes "credit monitoring, identify restoration, and identity theft insurance," the report mentions.