Coca-Cola Investigates Potential Data Breach By Russian Hackers

Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.

Coca-Cola Stormous Russia Data Breach Overview: 

• Who: Coca-Cola has launched an investigation after Russian-linked cybercrime gang Stormous claimed to have hacked the company’s servers.
• Why: The ransomware group posted on its website that it had successfully hacked Coca-Cola’s servers and stolen 161 GB of data. The hack may be linked to Coca-Cola’s decision to pull its operations from Russia following the Russian invasion of Ukraine.
• Where: The Coca-Cola Company is based in the United States.

Coca-Cola has launched an investigation after the Russian-linked cybercrime group Stormous issued a public notice that it had hacked the beverage-giant’s servers.

Earlier this week, the ransomware group posted on its website that it had successfully hacked the servers of Coca-Cola and stolen 161 GB of data, InfoSecurity Group reports. 

It was not immediately clear what data had been stolen, but the hackers were offering to sell it for more than $64,000 or 16 million bitcoin.

“We hacked some of the company’s servers and passed a large amount of data inside them without their knowledge, and we want to sell it to someone else,” the hackers said on their website.

It was unclear whether the hack was linked to Coca-Cola’s decision to pull its operations from Russia following the Russian invasion of Ukraine.

After the conflict began, Stormous reportedly issued its full support for Russia’s actions and government, stating its willingness to hack Western infrastructure.

It previously posted a poll asking users which company it would most like them to attack with Coca-Cola receiving 72% of the votes cast, InfoSecurity Group reports.

Coca-Cola says it is now investigating Stormous’ claim and has informed law enforcement about the alleged incident. 

Cybersecurity firms ZeroFox and SOCRadar investigated Stormous group’s claims in February and March, and both noted that none of Stormous’ claims had been verified, SecurityWeek reported. 

The cybersecurity companies pointed out that Stormous’ alleged victims are organizations that had previously been targeted by other threat actors that had already leaked data.

Potential Coca-Cola Breach Comes After Federal Warning to Companies

Last month, President Joe Biden issued an urgent warning over impending Russian cyberattacks, telling U.S. business leaders to immediately strengthen their companies’ cyber defenses as Russia’s potential actions could affect consumers.

Speaking at the Business Roundtable Quarterly Meeting in Washington Mar. 21, Biden told business leaders that Russian President Vladimir Putin was likely to retaliate against the United States’ actions against its invasion of Ukraine in the form of cyberattacks.

The United States is already moving to protect critical infrastructure through new legislative requirements. 

On Mar. 15, President Biden signed into law a new federal cyberattack reporting requirement that will require operators of critical infrastructure to report cybersecurity episodes within 72 hours of them happening.

The Strengthening American Cybersecurity Act of 2022 was created to strengthen U.S. cyberdefenses and increase the power of agencies investigating cybersecurity incidents. 

What do you think of this alleged attack on Coca-Cola? Let us know in the comments!

Read About More Class Action Lawsuits & Class Action Settlements:

• Mailchimp Data Breach Led to Stolen Crypto, Class Action Says
• Pacific Market Research Data Breach $250K Class Action Settlement
• South Shore Hospital Faces Multiple Lawsuits Over Data Breach
• Consulting Firm Class Action Alleges Data Breach Affected Over 100K