Humac, a leading Apple product reseller in the Nordic region, has been listed on a ransomware gang’s dark web leak site, alongside what appear to be stolen company records.
The company’s name was published on the blog of the Kraken ransomware group, which uses the site to display its latest victims. The attackers claim to have accessed Humac’s financial documents, customer records, and other confidential information.
Humac is owned by Italian firm C&C, the largest Apple Premium Partner in Europe, with more than 120 retail locations across the continent.
Researchers examined the attackers’ claims and found the sample data to appear authentic. The sample included employee records, internal documents, operational files, and database excerpts.
Ransomware incidents like this can be especially damaging to businesses that rely on strategic partnerships with major brands. Attackers often target such organizations because of the sensitive and valuable data they manage.
“Insiders are among the most valuable assets in the fraud ecosystem. Leaked employee data could be used in phishing campaigns designed to gain insider-level access to Apple’s support infrastructure. “Customer data is also highly valuable, including contact details, addresses, and financial information.”
Who is Kraken ransomware?
Kraken is a relatively new player in the ransomware landscape. First detected in February 2025, the group is believed to have formed from the remnants of the HelloKitty ransomware operation.
HelloKitty later rebranded as HelloGookie in April of the previous year, reflecting a common trend among ransomware gangs to change names and structures in an effort to avoid detection and remain active.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
