It has been announced that sports firm Puma was hit by a data breach following the ransomware attack that hit Kronos in December 2021. While the breach notification does not mention how many Puma employees had their info stolen during the attack, the information provided to the Office of the Maine Attorney General, in the U.S., reveals that the ransomware operators got their hands-on data belonging to 6,632 individuals.
Puma also said that the documents stolen during the Kronos ransomware attack include Social Security Numbers in filings with the same office. While this incident is serious, it has taken some time to be announced to the public.
Weighing up the issues that this latest data breach presents for Digital Journal is Troy Gill Senior Manager of Threat Intelligence at Zix | AppRiver.
Gill begins his assessment considering the overall impact that this type of cybersecurity event has on a company, noting: “Ransomware is a costly and destructive threat to organizations, and with the increasing rate of ransomware attacks organizations need to be prepared. This ransomware attack effected Puma which uses Kronos, a workforce management provider that suffered a ransomware attack in December 2021 that resulted in over 6,000 of Puma’s employees and their dependents having their personal information stolen and possibly sold online.”
Gill identifies that the Kronos attack also previously affected the payroll of several other companies, including FedEx and Whole Foods.
Looking at things from the U.S. perspective, Gill says: “With tax season upon us, this breach could present an added risk for those effected to fall victim to identity thieves filing fraudulent tax returns. Everyone should be cautious of falling victim to such activity, but especially those whose data has recently fallen into the wrong hands.”
As well as the specific event, Gill says that the incident provides some general and immutable advice to big firms: “This is also a great reminder for organizations to examine their security solutions and evaluate their current authentication practices to ensure they are building the safest habits to protect themselves and sensitive data that they store from bad actors.”
To do rests on good verification procedures, says Gill: “It is critical that authentication controls are not only in place, but that organizations take it a step further by deploying two-factor authentication (2FA). Implementing 2FA provides an extra layer of security by making users confirm their identity, most often via a unique code sent to the user’s phone, email address or through an authenticator app, after entering their username and password. It’s getting easier for cybercriminals to breach even the most complex password, which is why implementing 2FA is critical.”
Gill recommends further: 2To avoid simple errors that could lead to attacks and data theft, organizations should also make it a habit to deploy regular security audits to identify vulnerabilities and other suspicious behavior. Additionally, organizations should routinely back up sensitive date in alternate locations to ensure the company can return to business quickly in the event of a cyberattack.”