Coca-Cola investigating data breach claims by Stormous group

Coca-Cola has confirmed that it is looking into reports of possible data hack after Stormous ransomware group said it had stolen data from the beverage maker.

On its dark web portal, Stormous claimed that it had hacked into servers of Coca-Cola and grabbed 161 gigabytes of data without the company's knowledge. The organisation is demanding 1.6467 bitcoin, currently worth $63,000, for the stolen data.

According to BleepingComputer, the files listed by the group include compressed documents, text files containing passwords for admin and emails, payment and account ZIP archives, and other types of sensitive details.

Coca-Cola communications vice president Scott Leith said: "We are aware of this problem and are investigating to establish the authenticity of the allegation."

The name Stormous first appeared in early 2022, and then again in early March, when the gang was tied to a data leak at Epic Games.

The hackers allegedly exploited a weakness in the company's internal network to steal about 200GB of data, including information on 33 million individuals.

The group stated at the time that it would reveal information about Epic Games staff but not users. The data was never released, however, and some cybersecurity experts speculated that the entire thing was a publicity stunt.

Despite the group having claimed that they are a ransomware outfit, the researchers are yet to find any evidence that they are actually deploying file-encrypting software on their victims' machines.

This is the first time that Stormous has released data allegedly stolen from an organisation. Last week, the group urged its Telegram followers to vote on who should be their next victim. The group said they would launch denial-of-service attacks on target network, hack their systems as well as leak software source code and client data.

Coca-Cola was voted to be the winner, receiving 72% of all votes.

Stormous says it took them just a few days to break into the firm.

The researchers currently have no information where the members of the group are based.

Last month, the Stormous team announced their support for the Russian government.

It said in a message posted in English that if "any party in different parts of the world decides to organize a cyber attack or cyberattacks against Russia, we will be in the right direction, will make all our efforts to abandon the supplication of the West, especially the infrastructure."

The group warned that its upcoming operations against countries supporting Ukraine would be "bigger".

It's unclear whether the alleged Coca-Cola attack was motivated in part by the company's decision to completely shut down its activities in Russia following the Kremlin's invasion of Ukraine.

Coca-Cola has not yet said that their data was stolen by a hackers group.

The company says it is working with law enforcement agencies and that the investigation into the alleged hack has not revealed any negative impact on their operations.

Join us at the CyberSecurity Festival 2022, taking place across 3 days in June, where we will come together to learn, collaborate and tackle the biggest technology security challenges. Find out more and register for free.