Last week, one of Africa’s biggest retailers, Shoprite, was the victim of a ransomware cyberattack. According to a report by TechCrunch, a group called RansomHouse has claimed responsibility for the attack which compromised customer data in Zambia, Namibia and Eswatini (formerly Swaziland).
A ransomware attack is that which holds a user’s information hostage, through encryption, on their own device(s). Hackers usually do this to coerce an individual or an organisation to pay a fee to get their data unencrypted.
RansomHouse revealed that they were the culprits on their Telegram channel according to the same report by TechCrunch. The gang said that it was aiming at organisations with weak security and they obtained 600 GB of data from Shoprite in the ransomware attack which included names and ID numbers, but no financial information or bank account numbers. The data, according to the messages seen by TechCrunch, was in plain text and raw photographs packed in archives which were left completely unprotected.
Shoprite had the following to say about the cyberattack:
The Shoprite Group became aware of a suspected data compromise, impacting on a specific sub-set of data and which may affect some customers who engaged in money transfers to and within Eswatini and within Namibia and Zambia.
Affected customers will receive an SMS to the cell number supplied at the time of the transaction. An investigation was immediately launched with forensic experts and other data security professionals to establish the origin, nature, and scope of this incident.
Additional security measures to protect against further data loss were implemented by amending authentication processes and fraud prevention and detection strategies to protect customer data. Access to affected areas of the network has also been locked down. The data compromise included names and ID numbers, but no financial information or bank account numbers.
The Group has notified the Information Regulator.
Investigations are on-going. The Group is not aware of any misuse or publication of customer data that may have been acquired, however, web monitoring relating to the incident continues.
There is a possibility that the impacted customer data may be used by the unauthorised party and customers are advised to follow these precautionary measures:
– Do not disclose personal information such as passwords and PINs when asked to do so by anyone via telephone, SMS or email.
– Change passwords regularly and never share them with anyone else.
– Verify all requests for personal information and only provide it when there is a legitimate reason to do so.
Should any unauthorised activity be detected, customers should immediately notify the Group or relevant authorities.
The Group sincerely apologises to those affected.
Customers with any questions or concerns may contact 0800 01 07 09 or email firstname.lastname@example.org.Shoprite
A warning for Zimbabwean retailers…
If there was ever a reason to sure up things on the local front this is it. RansomHouse, as previously mentioned, is targeting systems that are poorly protected. Hopefully, this unfortunate event will spur our own local retailers to take precautions and protect customer data…