SHOPRITE HAS BEEN HIT BY AN EXTORTION GANG

Ransomware has infected one of the largest grocery chains in Africa, which serves various nations.?

Last week, the Shoprite Group issued a statement announcing a hack. They discovered a possible data breach that may affect a subset of its customers who do money transfers to and from Eswatini, Namibia, and Zambia. With approximately 149,000 people, the company operates over 2,943 stores in Africa, supplying millions of clients in South Africa, Nigeria, Ghana, Madagascar, Mozambique, Namibia, the Democratic Republic of Congo, Angola, and other nations.?

According to Shoprite, affected consumers will receive an SMS to the mobile number provided at the time of the purchase. Access to the network's affected locations has also been restricted.?Names and ID numbers were among the information stolen, but no financial information or bank account numbers.?

On Tuesday, the ransomware group "Ransom House" claimed responsibility for the attack.?On their Telegram channel, Ransom House openly boasted about its attack on the supermarket chain, claiming that it "was keeping vast amounts of personal data in plain text/raw images packed in archived files, entirely unprotected."?The gang "invited" the corporation to negotiate a ransom by publishing a sample of the data obtained.?

Source: @BrettCallow on Twitter

The ransom organization boasted that all Shoprite did was change passwords "like it solved everything" in a statement (which is usually the first thought when one senses something threatening; most times, it feels like it solves everything).?In a more threatening tone, the ransom gang stated that until the company's (ShopRite) position changes, most of its data would be sold, with something made public.?

In addition to KYC data, we received much more intriguing information from tv-+

he company. "Yes, they like to leave many things vulnerable," remarks from RansomHouse.

ShopRite is listed as a victim on RansomHouse extortion site

SOURCE : BleepingComputer

To redeem itself, Shoprite announced that it had changed "authentication methods" and "fraud prevention and detection strategies" to protect client information. However, customers were told that the stolen information might be used to swindle them, and they were reminded to never provide sensitive information such as passwords through email, phone, or text.?The Shoprite Group did not respond to demands for comment but did say it had reported the issue to South Africa's Information Regulator. Because the company hasn't disclosed any business disruption or operational issues, it's possible they aren't dealing with a data encryption issue.?Still, the issue of stolen data exists, and Shoprite has warned clients in its announcement that third parties could utilize that data.

Previously, the gang claimed responsibility for ransomware attacks on the Saskatchewan Liquor and Gaming Authority, Jefferson Credit Union, AHS Aviation Handling Services, and other organizations.?According to a Cyberint investigation published last month, the group claimed to be a platform for other ransomware gangs rather than a ransomware gang.?

The gang is linked to the White Rabbit malware, and the APT group Fin 8.

A screenshot showing another organization affected