Coca-Cola bottler FEMSA attacked by ransomware, data exposed

Coca-Cola FEMSA, a major Coca-Cola bottler in Latin America, has fallen victim to a ransomware attack and data breach.

The threat actor, known as "TheSnake," leaked a portion of Coca-Cola FEMSA's data on a hacking forum, claiming to possess a "Full database Coca-Cola FEMSA" containing sensitive company information, confidential files, and more.

TheSnake warned that the data would gradually become public if not addressed promptly by the company. The exposed data segment was approximately 8.16 GB in size.

TheSnake disclosed that they had infiltrated Coca-Cola FEMSA twice, in April 2022 and June 2023, but did not divulge the specific method used for access.

The stolen data totaling over 200 GB reportedly include

• passwords,
• financial documents,
• invoices,
• supplier information,
• facility data,
• equipment details,
• advertising campaigns,
• employee information,
• backups.

TheSnake indicated that the company negotiated with them and paid $1.5 million to prevent the leak of certain files, while the remainder of the files is available for sale at $65 thousand.

Coca-Cola FEMSA has not released an official report regarding the impact of the attack.