mammut.com data breach

mammut.com

What Happened

In May 2025, Swiss outdoor equipment manufacturer Mammut Sports Group (mammut.com) was listed as a victim of the DATACARRY ransomware group, with the incident discovered around May 26–28, 2025. Public breach trackers state that Mammut was attacked via infostealer-driven compromise tied to Datacarry, with indicators such as compromised employee and user credentials and third‑party access points, suggesting exposure of internal data related to employees, customers, and business operations rather than a simple website defacement. Available reports describe data exfiltration and stolen credentials but do not quantify the number of records or precisely enumerate the data types (e.g., specific PII fields), instead noting a leak size marked as “unknown” and no direct download links for the stolen data.

Compromised Assets

  • email
  • full name
  • phone

Check your company's
exposed credentials

Enter your work email to instantly access a free account
and see your company’s exposed credentials.

Related Breaches