You’ve heard of kidnapping for ransom but have you heard of datanapping for ransom?
Well, it’s happening and everyone’s favourite shopping conglomerate, ShopRite, is rite in the middle of it. In recent news, cyber extortionists have put up ShopRite’s customer data for auction on the dark web.
Earlier this month, ShopRite announced that it had discovered a “possible data breach” in its systems. According to the group, an unauthorised party accessed the data of shoppers from Namibia, Zambia, and Eswatini who transferred money outside South Africa.
A few days after the announcement, RansomHouse, a global cyber extortion group, claimed responsibility for the attack and threatened to leak all the users’ data if ShopRite didn’t pay up.
The cyber terrorists claimed they not only had names and ID numbers of ShopRite’s users but also photos of their government-issued ID, data weighing 600GB in total. To prove it had the data, RansomHouse posted a taste of the data on the dark web, about 365 files weighing over 400MB.
What RansomHouse wants?
As its name suggests, the cyber-terrorist group wanted a ransom in exchange for deleting ShopRite’s data.
Data extortion isn’t new. In fact, it’s on the rise with ransom for data extortion rising from $761,106 in 2020 to $1.85 million in 2021.
For RansomHouse, ShopRite is not the group’s first target. It has targeted at least 5 companies including a government parastatal in Canada.
In all its attacks, the group claims to target network vulnerability instead of ransomware like other cyber extortionists.
With its attack on ShopRite, RansomHouse also claims that the shopping conglomerate’s network was easy to access and barely encrypted. “It’s been quite some time since we encountered something that outrageous. Their staff was keeping enormous amounts of personal data in plain text [and] raw photos packed in archived files, completely unprotected.”
What’s ShopRite saying?c
ShopRite is looking the wrong way.
After announcing the breach earlier this month, ShopRite informed affected users and advised them to change their pins and protect their passwords. The company also said investigations were underway, and that it would implement additional security measures.
RansomHouse also claims that ShopRite has refused to negotiate with them. “We’ve waited long enough for ShopRite to contact us and prevent the further leak, but they could not have cared less about their clients—they’ve only promised to notify everyone involved with an SMS,” RansomHouse said.
From all indications, ShopRite is sticking to its tag: Low prices for everybody.
Big picture: With RansomHouse auctioning off the data on the dark web, several people in southern Africa risk getting their data compromised by nefarious individuals. In more RansomHouse news, the cyber-terrorist group recently added US chipmaker AMD to its victim list after reportedly stealing 450GB of user data.