Coca-Cola’s largest distributor hit with hacker attack, Salesforce data exposed

Last updated: 23 May 2025
Coca-Cola Europacific Partners data breach
Photo by Xavi Lopez via Getty.

Coca-Cola Europacific Partners, world’s largest Coca-Cola bottler, allegedly suffered a data breach. The hack has likely impacted the company’s Salesforce, a customer relationship management (CRM) platform.

Attackers posted the company data on a well-known data leak forum that threat actors use to share stolen information. The post alleged that over 64 gigabytes of data were taken, made up of 23 million records.

UK-headquartered Coca-Cola Europacific Partners is one of the largest Coca-Cola products distributors in the world, operating 42 bottling plants worldwide. The company’s revenue for 2024 exceeded $23 billion.

ADVERTISEMENT

We have reached out to the company for a comment and will update the article once we receive a reply.

Coca-cola post
Attackers' post on a data leak forum. Image by Cybernews.

The Cybernews research team investigated data samples hackers shared, concluding the information appears to be legitimate, representing a period spanning 2016 through 2025. However, the data sample is limited in size and does not cover the entire multi-million-record-strong database.

Information likely comes from Salesforce, a popular CRM platform. It’s possible that attackers accessed the company’s Salesforce account and did not breach Coca-Cola Europacific Partners' systems.

According to the team, the supposedly leaked details include:

  • Accounts
  • Sales cases
  • Contacts
  • Products
  • Customer addresses
  • Phone numbers
  • Order Ids
  • Summaries
Sample
Sample of the supposedly leaked data. Image by Cybernews.

“The leak doesn’t appear to be overly 'spicy.’ It seems the threat actors gained access to the Salesforce platform where Coca-Cola Europacific Partners processes the orders,” the team said.

ADVERTISEMENT

While the data sample attackers provided is limited, there are still cybersecurity implications of leaking this type of data. For one, attackers could utilize details for identity theft, phishing attacks, and corporate espionage. At the same time, customer addresses could be exploited for various fraud schemes.

Attackers behind the alleged breach claim to be the same group responsible for the Samsung Germany data breach earlier this year, which exposed 270,000 customer tickets.

Interestingly, it’s the second time the Coca-Cola brand has gotten hacker attention this week. Yesterday, nearly a thousand soft drink makers’ employees had their details exposed alongside confidential internal documents. The attack was claimed by the Everest ransomware cartel.

Stefanie Ernestas Naprys Paulina Okunyte Gintaras Radauskas
Stay informed and get our latest stories on Google News
Google News Follow us

Share
Post
Share
Share
Share
More from Cybernews
Most cyber incidents stem from the same 10% of employees, study finds
Popular fitness app Fitify exposes 138K user progress photos
California mulls banning AI companions like Grok's "waifu"
WeTransfer changes its terms again after being suspected of fishy use of content
Former US soldier pleads guilty to hacking telecom companies
“I know what normal looks like:” Microsoft trains AI to scan breasts
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked