{
	"id": "211146ab-b2af-4c53-bc7e-2f0cb9422026",
	"created_at": "2026-04-06T00:18:51.033413Z",
	"updated_at": "2026-04-10T03:21:58.043062Z",
	"deleted_at": null,
	"sha1_hash": "be2b4ddebb279626c51da8f44ad3271861babecd",
	"title": "Sodinokibi Ransomware Posts Alleged Data of Kenneth Cole Fashion Giant",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1977362,
	"plain_text": "Sodinokibi Ransomware Posts Alleged Data of Kenneth Cole Fashion\r\nGiant\r\nBy Sergiu Gatlan\r\nPublished: 2020-02-28 · Archived: 2026-04-05 18:14:34 UTC\r\nThe operators behind Sodinokibi Ransomware published download links to files containing what they claim is financial and\r\nwork documents, as well as customers' personal data stolen from giant U.S. fashion house Kenneth Cole Productions.\r\nSodinokibi (aka REvil)  is a Ransomware-as-a-Service operation where the operators manage development of the\r\nransomware and the payment portal used by victims to pay the ransoms, while third-party 'affiliates' are in the business of\r\ndistributing the ransomware to the targets' systems.\r\nWhen victims pay, the ransomware payments are then shared between the affiliates and the Sodinokibi operators.\r\nhttps://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-posts-alleged-data-of-kenneth-cole-fashion-giant/\r\nPage 1 of 5\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-posts-alleged-data-of-kenneth-cole-fashion-giant/\r\nPage 2 of 5\n\nVisit Advertiser websiteGO TO PAGE\r\nKenneth Cole is a privately held fashion firm headquartered in New York, founded 38 years ago, in 1982, and known as\r\n\"one of the world’s most recognized fashion companies.\"\r\nThreats of publishing all Kenneth Cole stolen data\r\nThe ransomware operators claim to have possession of a huge archive of over 70,000 documents with financial and work\r\ndata, and more than 60,000 records with Kenneth Cole customers' personal information according to the Sodinokibi actors\r\nas a researcher at Under the Breach discovered.\r\nBleepingComputer was told that the leaked data allegedly belonging to Kenneth Cole includes employee severance\r\ninformation, cash projections, and money owed to the company.\r\nSodinokibi also threatens to publish the full data cache if the American fashion house fails to reply to their ransom requests\r\nuntil the ransom's timer runs out.\r\n\"Kenneth Cole Productions, you have to hurry,\" the ransomware operators said. \"When time is up and there is no feedback\r\nfrom you, the entire cloud data will be published, including your customers' personal data.\"\r\nImage: Under the Breach\r\nThis wouldn't be the first time Sodinokibi has published data from their victims as we reported when covering the\r\nransomware attack that impacted US IT staffing company Artech Information Systems in January.\r\nAt the time the ransomware operators also threatened to sell the data they stole from Artech on several data exchange\r\nplatforms known as heavily frequented by cybercriminals.\r\nWhile we were told that the leaked data appears to be legitimate, Kenneth Cole has not responded to our queries to confirm\r\nif and when they were attacked, and whether the data belongs to them.\r\nImage: Under the Breach\r\nStolen data is now used to 'incentivize' victims to pay\r\nhttps://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-posts-alleged-data-of-kenneth-cole-fashion-giant/\r\nPage 3 of 5\n\nCollecting and stealing sensitive data before encrypting systems with ransomware and then leaking the stolen data in stages\r\nuntil the victims give in and pay the ransom is a recently adopted tactic by ransomware gangs.\r\nThis new alarming trend was started by Maze Ransomware in late November 2019 and was soon adopted by\r\nSodinokibi, Nemty Ransomware, and BitPyLock during January 2020.\r\nTo make matters even worse for future ransomware victims, Sodinokibi also recently shared plans to email stock exchanges\r\nlike NASDAQ about attacks on publicly traded companies to hurt their stock, something that can be used as an extra\r\npressure point to convince them to pay ransoms. \r\nJust to get an idea of the scale of the ransoms asked by ransomware gangs during the last six years, the FBI said earlier this\r\nweek at the RSA security conference that victims have paid more than $140 million worth of bitcoins to ransomware\r\noperators based on analysis of collected ransom notes and ransomware bitcoin wallets.\r\nRyuk took first place in a top of ransomware families that raked in $61.26 million in ransoms, way in front of\r\nCrysis/Dharma with $24.48 million and Bitpaymer with $8.04 million.\r\nDespite some of the huge numbers seen by the FBI while analyzing the ransom amounts paid by ransomware victims, it's\r\nimportant to note that the full ransom amount is most probably a lot larger given that the agency didn't have access to all the\r\nwallets and ransom notes.\r\nAlso, many of the victims that got hit by ransomware prefer to keep the attacks under wraps fearing the impact on\r\ntheir stock prices.\r\nhttps://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-posts-alleged-data-of-kenneth-cole-fashion-giant/\r\nPage 4 of 5\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-posts-alleged-data-of-kenneth-cole-fashion-giant/\r\nhttps://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-posts-alleged-data-of-kenneth-cole-fashion-giant/\r\nPage 5 of 5",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-posts-alleged-data-of-kenneth-cole-fashion-giant/"
	],
	"report_names": [
		"sodinokibi-ransomware-posts-alleged-data-of-kenneth-cole-fashion-giant"
	],
	"threat_actors": [],
	"ts_created_at": 1775434731,
	"ts_updated_at": 1775791318,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/be2b4ddebb279626c51da8f44ad3271861babecd.pdf",
		"text": "https://archive.orkl.eu/be2b4ddebb279626c51da8f44ad3271861babecd.txt",
		"img": "https://archive.orkl.eu/be2b4ddebb279626c51da8f44ad3271861babecd.jpg"
	}
}