Hackers stole personal data of 230,000 Puma customers

According to representatives of the German sportswear company Puma, the attackers managed to steal personal data of 230,000 customers. The confidential information is currently up for sale on the darknet.

The stolen database includes contact information about the company’s customers: names, email addresses, phone numbers, billing and delivery addresses. According to the hacker, the information was obtained by hacking into Puma’s CMS (Content Management System) in Chile, but security experts have not confirmed this information.

In addition to contact details, the attackers gained access to information about customer purchases: order numbers, payment methods, total amount spent, etc. Puma representatives said that the company is already investigating the incident to determine the cause of the leak and find those involved.

The data leak will allow Puma hackers to conduct targeted phishing campaigns on behalf of a real company. Also, cybercriminals will be able to use customer payment data in other fraudulent schemes.

Stealing confidential data is a common method of hacker attacks. A few days ago, it became known that attackers gained access to personal data of 35,000 PayPal users. And in late December, fraudsters reported the sale of confidential information of 400 million Twitter accounts. The management of WhatsApp messenger faced a similar problem: about 487 million user numbers were put up for sale on the Dark Web. As it became known at the end of November, the data set contained WhatsApp user numbers from 84 countries, almost a quarter of all the messenger’s customers.