Africa’s largest supermarket chain, Shoprite Holdings, has suffered a ransomware (opens in new tab) attack that may have put personal user data at risk.
The company issued a statement in which it notified customers in Eswatini, Namibia, and Zambia, of possible compromise.
“Additional security measures to protect against further data loss were implemented by amending authentication processes and fraud prevention and detection strategies to protect customer data,” the statement reads. “Access (opens in new tab) to affected areas of the network has also been locked down. The data compromise included names and ID numbers, but no financial information or bank account numbers.”
Soon after posting the warning, a threat actor known as RansomHouse took responsibility for the attack, the publication says. Allegedly, the group posted an evidence sample, 600GB in size, claiming to be the data it stole from the supermarket’s endpoints.
Not only did they post an evidence sample, but they also took to Telegram to explain how Shoprite’s employees’ lack of cybersecurity practices was “outrageous”. “Their staff was keeping enormous amounts of personal data in plain text, completely unprotected”, the group apparently said. There was no talk of any malware (opens in new tab), or vulnerabilities, abused in the attack.
The group also said it invited the company to negotiate the returns of the data and the payment for the decryption key, but all they did was change their passwords, “like it solves everything”.
In case Shoprite decides not to pay the ransom demand, the data will probably be sold to third parties, or leaked publicly, in case there’s no demand for the data.
Shoprite is the largest supermarket chain on the African continent. It has almost 3,000 stores in a number of countries, including South Africa, Nigeria, Ghana, Madagascar, Mozambique, Namibia, DRC, and Angola, BleepingComputer finds. It has almost 150,000 employees, and revenue of $5.8 billion.