Coca-Cola Co. is investigating a possible data breach after the Stormous ransomware gang claimed to have hacked the company and stolen data.

Stormous claimed on its dark web page today that it had hacked some of Coca-Cola’s servers and had downloaded 161 gigabytes of data without the company’s knowledge. The group is offering to sell the stolen data for 1.6467 bitcoin, currently worth $63,000.

While the intent of Stormous appears to be financial, the group is strange, to say the least. The decision to hack Coca-Cola was made after the gang ran a poll on its Telegram channel asking members to vote on whom they should target, with Coca-Cola receiving 72% of the vote.

The Stormous ransomware gang first emerged earlier this year in the lead-up to the Russian invasion of Ukraine. Following the invasion, the group said it supported Russia and would target Western companies.

Usually, it would be presumed that Stormous was Russian or linked to the Russian government, but security researchers are not sure. In some of their earlier attacks, the ransom note left by the group was written in Arabic, which Digital Recovery claims may indicate their country of origin. Stormous has claimed to have hacked targets in the U.S. and Europe, including Serta Inc. and Epic Games Inc.

#Stormous claims responsibility for Coca-Cola's ransomware attack. They are allegedly selling 161 GB of data allegedly belonging to Coca-Cola…#Ransomware #RansomwareGroup pic.twitter.com/xCSHwdVQpR

— BetterCyber (@_bettercyber_) April 25, 2022

“The alleged data breach of Coca-Cola’s data by Stormous demonstrates that even potential breaches can impact an organization’s brand reputation and necessitate formal media responses by the company,” Neil Jones, director of cybersecurity evangelism at cloud security company Egnyte Inc., told SiliconANGLE. “Although details of the incident are still emerging, an effective incident response plan needs to account for potential attacks that originate from financially motivated cyber-attackers, disgruntled insiders and even competitors who are trying to gain an edge in a critical market.

Amit Shaked, chief executive officer of public cloud data protection company Laminar Ltd., noted that the incident signals that data is no longer a commodity but a currency.

Shaked explained that information within an organization’s network is valuable to businesses and attackers. “With a majority of the world’s data residing in the cloud, it is imperative that security becomes data-centric and solutions become cloud-native,” Shaked added. “Solutions need to be completely integrated with the cloud in order to identify potential risks and have a deeper understanding of where the data resides.”

Photo: Pxhere