One of the largest supermarket chains in Africa, Shoprite, was hit by a ransomware cyberattack last week. A ransomware gang, RansomHouse, has claimed responsibility for the cyberattack on ShopRite, according to a report from Tech Crunch. Shoprite has 2,943 stores, serving millions of customers in South Africa, Nigeria, Ghana, Madagascar, Mozambique, Namibia, DRC, Angola, and other countries.
Ransomware cyberattack on Shoprite
The ransomware attack on Shoprite compromised customer data in Eswatini, Namibia, and Zambia, According to the company; “The data breach includes the name and ID number, but not the financial information or bank account number.” The statement further reads; “Additional security measures to protect against further data loss were implemented by amending authentication processes and fraud prevention and detection strategies to protect customer data.”
According to Tech Crunch, the RamsomHouse’s Telegram message claimed to have obtained 600 gigabytes of data from Shoprite. It is also said to have collected personal data that was in plain text/raw photos packed in archived files, completely unprotected. The ransomware Gand is said to be targeting companies with weak security. The group also claimed to have contacted Shoprite’s management for negotiations and hinted at making the data public in case the talk fails. As per Shoprite’s statement; “Access to affected areas of the network has been locked down. The data compromised included names and ID numbers, but no financial information or bank account numbers.”
RansomHouse group sets up extortion market
RansomHouse operates by publishing evidence of stolen files and leak data of organizations that refuse to make a ransom payment. The gang focuses on breaching networks through alleged vulnerabilities and later blame the companies for not properly securing their network. The ‘About Us’ of RansomHouse page reads; “We believe that the culprits are not the ones who found the vulnerability or carried out the hack, but those who did not take proper care of security. The culprits are those who did not put a lock on the door leaving it wide open inviting everyone in.”