What Happened
In May 2025, Swiss outdoor equipment manufacturer Mammut Sports Group (mammut.com) was listed as a victim of the DATACARRY ransomware group, with the incident discovered around May 26–28, 2025. Public breach trackers state that Mammut was attacked via infostealer-driven compromise tied to Datacarry, with indicators such as compromised employee and user credentials and third‑party access points, suggesting exposure of internal data related to employees, customers, and business operations rather than a simple website defacement. Available reports describe data exfiltration and stolen credentials but do not quantify the number of records or precisely enumerate the data types (e.g., specific PII fields), instead noting a leak size marked as “unknown” and no direct download links for the stolen data.



