Bought an iPhone in Europe? Your Documents May Already Be for Sale on the Darknet
Apple partners have learned how to "share" your data—with hackers.
The largest Apple reseller in Northern Europe, Humac, has become the latest victim of a cyberattack, revealed after its name appeared on the darknet leak site of the Kraken hacker group. The attackers claim to have stolen confidential data, including financial reports, customer information, and other sensitive materials.
Humac's name was posted on Kraken’s leak platform — a site used by hackers to showcase breaches and pressure victims. According to the hackers, they obtained internal documents, employee records, database samples, and other critical files.
Humac is owned by C&C, an Italian company that is Apple’s largest official partner in Europe, operating over 120 stores across the continent. The data breach could severely impact both the company’s reputation and financial stability.
Experts from Cybernews analyzed the leaked data samples and found them to be authentic. The files include staff information, internal corporate documents, and segments of operational databases.
Security researchers warn that such leaks are especially dangerous for companies closely tied to major global brands. These firms are prime targets for cybercriminals because they store valuable data that can be sold on the black market or used in future attacks.
One major concern is the leak of employee data. Experts suggest that this information could be exploited in targeted phishing campaigns aimed at gaining access to Apple’s internal support systems. There is also a risk that customer data — including contact info, addresses, and financial details — may have been stolen, making it highly attractive to cybercrime groups.
The group behind the breach, Kraken, is a relatively new player in the cybercriminal world, first observed in February 2025. Experts believe Kraken includes former members of the notorious HelloKitty gang, which rebranded as HelloGookie in 2024. Renaming and reorganizing is a common tactic among hacker groups to evade law enforcement.
Since the beginning of 2025, Kraken has attacked at least 13 organizations, indicating a rapid expansion and a growing list of high-profile targets.
