Puma Suffers Data Breach Due to Kronos Ransomware Attack
The Ransomware Attack on Kronos Took Place in December 2021.
Workforce management solutions provider Kronos was hit by a ransomware attack back in December 2021 that disrupted many of their cloud-based solutions for weeks.
Kronos is a human resources and workforce management company that provides cloud-based solutions for timekeeping, salaries and benefits, analytics, and other tasks. In 2020, Kronos and Ultimate Software merged to form UKG, a new organization.
The company’s software is used by many industries, including car manufacturers, educational institutions, and local governments. Some of Kronos’ clients are Tesla, Temple University, Community Bank, the San Francisco Municipal Transit Authority, and Puma.
Puma Suffers the Consequences
Now, as per BleepingComputer, we found out that the German multinational corporation that designs and manufactures athletic and casual footwear Puma suffered a data breach following the ransomware attack on Kronos.
According to the data breach notification filled with several attorney generals’ offices earlier this month, the malicious actors also stole confidential data belonging to Puma personnel and their dependents stored on the Kronos Private Cloud (KPC) cloud environment before encrypting it.
What Is KPC?
Kronos Private Cloud (KPC) is characterized by UKG as a secure storage and server facility housed in third-party data centers. This infrastructure is where their Workforce Central, Workforce TeleStaff, TeleTime IP, Enterprise Archive, Extensions for Healthcare (EHC), and FMSI environments are hosted.
Following the incident, a Kronos client affected by the cyberattack told BleepingComputer that they had to start using paper and pencil to cut checks and track timekeeping.
Since the attack was discovered, Kronos has been conducting a comprehensive review of the impacted environment to determine whether any individual’s personal information was subject to unauthorized access or acquisition.
On January 7, 2022, Kronos confirmed that some of your personal information was among the stolen data. We notified PUMA of this incident on January 10, 2022.
While the breach notification does not clarify how many Puma employees’ private data was compromised during the attack, details provided to the Maine Attorney General’s Office discloses that the threat actors managed to access and steal the information of 6,632 people.
According to Puma, Social Security Numbers were also stolen during the ransomware attack.
People who were impacted by this data breach were given two years of free Experian IdentityWorks membership, which includes credit monitoring, identity restoration, and identity theft insurance.
According to BleepingComputer, the attackers also managed to steal source code for an internal Puma application in August and sold it on the Marketo data leak portal. Robert-Jan Bartunek, the head of Puma’s corporate communications, confirmed the cyberattack.
How Can Heimdal™ Help?
Data breaches are very common nowadays and system vulnerabilities usually facilitate hackers’ infiltration. That is why a system should be always updated and have the latest patches applied. But what do you do if you cannot keep always track of what patches need to be applied? You use an automated Patch Management Solution.
Heimdal has this solution and it’s very efficient because it really saves you time. You will always have control over your software inventory, enabling patch management from anywhere in the world. What’s even cooler is the vendor to end-user waiting time, this means that in less than 4 hours the released patches, tested and repackaged, are available in your Heimdal cloud for deployment. Find more on our website!
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.
Oh my, that’s not good. Was it a sneak attack.