Ransomware victim disclosure
← All victimsPuma
Claimed by Hunters International · listed 9 months ago
Status timeline
- ListedOct 3, 2025
- Data leakeddate unknown
At a glance
- Status
- Data leaked
- Country
- Germany
- Sector
- Consumer Services
- Listed on leak site
- Oct 3, 2025
About the victim
AI dossier — public-source company profilePuma SE is a German multinational corporation headquartered in Herzogenaurach, Germany, that designs, develops, and sells athletic and casual footwear, apparel, and accessories. Founded in 1948 by Rudolf Dassler, Puma is one of the world's largest sportswear manufacturers, operating in more than 120 countries. The company sponsors numerous elite athletes, national teams, and sporting events across football, running, motorsport, and other disciplines.
- Industry
- Sporting Goods & Athletic Apparel
- Address
- PUMA SE, PUMA Way 1, 91074 Herzogenaurach, Germany
- Employees
- 10000+
- Founded
- 1948
Attack summary
Severity: high — Data has been published ('data_published' status) by a known ransomware-as-a-service group against a large, publicly traded multinational, implying confirmed exfiltration of significant business data; however, no explicit detail on regulated PII at scale or volume is provided to elevate to critical.Hunters International claims to have attacked Puma and has published data as part of a disclosed leak; the post does not explicitly detail whether encryption or exfiltration (or both) occurred, nor does it specify the volume of data stolen.
Original description
AI-summarised, not from the leak postPuma is a globally renowned German multinational corporation that designs and manufactures athletic and casual footwear, apparel, and accessories. The company, founded in 1948 by Rudolf Dassler, is one of the top sporting brands worldwide. Puma sponsors numerous high-profile athletes and teams across different sports globally. The headquarters are located in Herzogenaurach, Germany.
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

