{
	"id": "461a3b87-0d03-4db2-888d-ab49220b65a8",
	"created_at": "2026-04-06T00:20:03.066162Z",
	"updated_at": "2026-04-10T13:11:24.346766Z",
	"deleted_at": null,
	"sha1_hash": "5c55d59b8586b5d23339e1381ce4c5195c96be9f",
	"title": "Sodinokibi Ransomware gang threatens to disclose data from Kenneth Cole fashion firm",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 565977,
	"plain_text": "Sodinokibi Ransomware gang threatens to disclose data from\r\nKenneth Cole fashion firm\r\nBy Pierluigi Paganini\r\nPublished: 2020-02-29 · Archived: 2026-04-05 23:05:15 UTC\r\n Pierluigi Paganini February 29, 2020\r\nNot only Maze ransomware gang, the operators behind Sodinokibi\r\nRansomware allegedly leaked the data of Kenneth Cole Productions.\r\nThe operators behind Sodinokibi Ransomware have published the download links to archives containing data\r\nallegedly stolen from the US firm Kenneth Cole Productions.\r\nThe news was first reported by the Under the Breach research group.\r\nhttps://twitter.com/underthebreach/status/1233162834571296769\r\nSodinokibi (aka REvil) is available in the underground market as a Ransomware-as-a-Service model, the gang\r\nbehind the Sodinokibi ransomware has been very active in the US in recent months, in December, CyrusOne, one\r\nof the major US data center provider, was hit by the same ransomware. In January, Synoptek, a California-based\r\nIT service provider decided to pay the ransom to decrypt its files after being infected with the Sodinokibi\r\nransomware.\r\nhttps://securityaffairs.co/wordpress/98694/malware/sodinokibi-kenneth-cole-data-breach.html\r\nPage 1 of 3\n\nKenneth Cole Productions, Inc. is an American fashion house founded in 1982 by Kenneth Cole.\r\nThe Sodinokibi ransomware operators claim to have stolen over 70,000 documents with financial and work data,\r\nand more than 60,000 records of company customers.\r\nThe Sodinokibi gang requested the payment of a ransom and threatens to leak online the full dump containing\r\nstolen data in case the company will decide to not meet the request.\r\n“Kenneth Cole Productions, you have to hurry,” the ransomware operators said. “When time is up and there is no\r\nfeedback from you, the entire cloud data will be published, including your customers’ personal data.”\r\nIn December, for the first time, the crime gang behind the Maze ransomware, decided to blackmail the victims and\r\nforce them to pay the ransom.\r\nThis move is shocking and brings the ransomware attack to a higher level of threat, we can expect that other\r\ncybercrime gangs will adopt a similar strategy to blackmail the victims and force them to pay the ransom.\r\nOther groups, such as the Nemty Ransomware and BitPyLock gangs adopted the same technique in January 2020.\r\n[adrotate banner=”9″] [adrotate banner=”12″]\r\nPierluigi Paganini\r\n(SecurityAffairs – hacking, Kenneth Cole)\r\n[adrotate banner=”5″]\r\n[adrotate banner=”13″]\r\nhttps://securityaffairs.co/wordpress/98694/malware/sodinokibi-kenneth-cole-data-breach.html\r\nPage 2 of 3\n\nSource: https://securityaffairs.co/wordpress/98694/malware/sodinokibi-kenneth-cole-data-breach.html\r\nhttps://securityaffairs.co/wordpress/98694/malware/sodinokibi-kenneth-cole-data-breach.html\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://securityaffairs.co/wordpress/98694/malware/sodinokibi-kenneth-cole-data-breach.html"
	],
	"report_names": [
		"sodinokibi-kenneth-cole-data-breach.html"
	],
	"threat_actors": [],
	"ts_created_at": 1775434803,
	"ts_updated_at": 1775826684,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/5c55d59b8586b5d23339e1381ce4c5195c96be9f.pdf",
		"text": "https://archive.orkl.eu/5c55d59b8586b5d23339e1381ce4c5195c96be9f.txt",
		"img": "https://archive.orkl.eu/5c55d59b8586b5d23339e1381ce4c5195c96be9f.jpg"
	}
}