Coca-Cola is investigating claims of a large-scale data breach by Russian-linked cybercrime gang Stormous.
The ransomware group posted on its website this week that it had successfully hacked the servers of the soft drinks giant and stolen 161GB of data. It also offered the data for sale for more than $64,000, or 16 million bitcoin.
Stormous did not specify the type of data it stole.
Stormous’ statement read: “We hacked some of the company’s servers and passed a large amount of data inside them without their knowledge and we want to sell it to someone else. You will win and we will win. You will also contact us! We will explain more Good deal, we’ll give you the right to pay the amount you want depending on the amount of data you want! Click on the picture to contact us or via our email.”
Coca-Cola said it is now investigating Stormous’ claim and has informed law enforcement about the alleged incident. In a statement to The Record, Coca-Cola communications vice president Scot Leith said: “We are aware of this matter and are investigating to determine the validity of the claim.”
It is unclear whether the alleged hack was partly motivated by Coca-Cola’s decision to close its operations in Russia entirely following the Kremlin’s invasion of Ukraine. Shortly after the conflict began, Stormous issued its full support for Russia’s actions. It stated: “The STORMOUS team has officially announced its support for the Russian governments. And if any party in different parts of the world decides to organize a cyberattack or cyberattacks against Russia, we will be in the right direction and will make all our efforts to abandon the supplication of the West, especially the infrastructure. Perhaps the hacking operation that our team carried out for the government of Ukraine and a Ukrainian airline was just a simple operation but what is coming will be bigger!!”
The group previously posted a poll on Telegram asking users which company it would most like them to attack. Coca-Cola came out on top, receiving 72% of the votes cast.
Commenting on the story, Neil Jones, director of cybersecurity evangelism at Egnyte said: “The alleged data breach of 161 GB of Coca-Cola’s data by Stormous demonstrates that even potential breaches can impact an organization’s brand reputation and necessitate formal media responses by the company. Although details of the incident are still emerging, an effective incident response plan needs to account for potential attacks that originate from financially-motivated cyber-attackers, disgruntled insiders and even competitors who are trying to gain an edge in a critical market.”