UPDATED 22:44 EDT / APRIL 26 2022


Coca-Cola investigating possible Stormous data breach

Coca-Cola Co. is investigating a possible data breach after the Stormous ransomware gang claimed to have hacked the company and stolen data.

Stormous claimed on its dark web page today that it had hacked some of Coca-Cola’s servers and had downloaded 161 gigabytes of data without the company’s knowledge. The group is offering to sell the stolen data for 1.6467 bitcoin, currently worth $63,000.

While the intent of Stormous appears to be financial, the group is strange, to say the least. The decision to hack Coca-Cola was made after the gang ran a poll on its Telegram channel asking members to vote on whom they should target, with Coca-Cola receiving 72% of the vote.

The Stormous ransomware gang first emerged earlier this year in the lead-up to the Russian invasion of Ukraine. Following the invasion, the group said it supported Russia and would target Western companies.

Usually, it would be presumed that Stormous was Russian or linked to the Russian government, but security researchers are not sure. In some of their earlier attacks, the ransom note left by the group was written in Arabic, which Digital Recovery claims may indicate their country of origin. Stormous has claimed to have hacked targets in the U.S. and Europe, including Serta Inc. and Epic Games Inc.

“The alleged data breach of Coca-Cola’s data by Stormous demonstrates that even potential breaches can impact an organization’s brand reputation and necessitate formal media responses by the company,” Neil Jones, director of cybersecurity evangelism at cloud security company Egnyte Inc., told SiliconANGLE. “Although details of the incident are still emerging, an effective incident response plan needs to account for potential attacks that originate from financially motivated cyber-attackers, disgruntled insiders and even competitors who are trying to gain an edge in a critical market.

Amit Shaked, chief executive officer of public cloud data protection company Laminar Ltd., noted that the incident signals that data is no longer a commodity but a currency.

Shaked explained that information within an organization’s network is valuable to businesses and attackers. “With a majority of the world’s data residing in the cloud, it is imperative that security becomes data-centric and solutions become cloud-native,” Shaked added. “Solutions need to be completely integrated with the cloud in order to identify potential risks and have a deeper understanding of where the data resides.”

Photo: Pxhere

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy