Coca-Cola, the world’s largest soft drink maker, has confirmed in a statement to BleepingComputer that it is aware of reports of a cyberattack on its network and is currently investigating the allegations.
The US beverage giant began investigating after the Stormous gang said it managed to breach some of the company’s servers and stole 161GB of data.
The threat actors listed a cache of the data for sale on their leak site, asking for 1.65 Bitcoin, currently converted to around $64,000.
Listed files include compressed documents, administrator text files, emails and passwords, account and payment ZIP files, and other sensitive information.
who is stormy
Although they claim to be a ransomware group, there is no indication at this time that they are deploying file-encrypting malware on their victims’ networks.
Closer to a data extortion group, Stormous has stated that he would take action against hacker attacks against Russia in the wake of the invasion of Ukraine.
This is the first time Stormous has published a stolen dataset. Last week, the gang asked their supporters to vote on who should be their next victim.
The attack promised denial of service, hacking, leaking of software source code and customer data. Coca-Cola won the poll with 72% of the vote. The gang said it took them just a few days to breach the company.
Coca-Cola and the other victim choices in the Stormous poll show an anti-Western stance. Previously, the group claimed that Epic Games was their victim.
They announced that they stole 200 gigabytes of data and details of 33 million users of the Epic store and games. However, there has been no confirmation on the legitimacy of the data, so Stormous’s reputation on these claims has yet to be established.
Coca-Cola has not confirmed that its data was stolen. The company told BleepingComputer that it is currently collaborating with law enforcement and that the investigation into the alleged Stormous attack has yet to reveal a negative impact.