(Bloomberg) – British supermarket chain cooperative said hackers were able to access and extract customer data from one of their systems in recent cyber attacks.
“The data accessed includes information related to many of our current and past members,” the company said in a statement Friday. “This data includes personal data of members of the cooperative group, such as names and contact details, and does not include member passwords, bank or credit card details, transactions or information related to the cooperative group's products or services with any member or customer.”
Cames' attacks as a cybercrime gang and at least two British retailers have caused damage over the past two weeks.
A spokesman for the gang, known as Dragonforce, said in an interview with Bloomberg News that IT and its partners are behind the incidents targeting Marks & Spencer, the co-op and Harrods.
The group's motivation was to extort money from victims, a spokesman said. They also claim to have stolen customer data. The attack is the first confirmation that is linked and performed by the same set of links.
Marks & Spencer first announced it had announced in the April 22 “Cyber Event”. Some of the company's systems are infected with Dragonforce's ransomware, which encrypts files stored on a computer, so they are not available.
After the attack, M&S stopped accepting contactless payments and closed online orders. The transaction has not resumed. As companies work hard for the availability of certain items, gaps on the shelves have also been reported.
M&S CEO Stuart Machin apologized for the interruption in a post on Friday, saying the company is working “day and night” to resolve the issue.
On April 30, the British supermarket chain cooperative said it had found unauthorized attempts to access certain of its systems that had “small impact” on certain backend and call center services. The retailer said on Friday it was conducting an investigation with British authorities. “We are continuing to experience malicious attempts by hackers to access our systems,” the co-op said in a statement. “This is a highly complex situation.”
It was followed on May 1, London-based luxury department store Harrods Ltd. revealed that it had tried to compromise its system. The company said it has restricted internet access to its website.
Neither Marks & Spencer, Harrods nor Co-Op immediately responded to a request for comment on Dragonforce's claims.
Experts say the identity of Longforth's creator is unclear, operating like a criminal cartel, renting their malware and infrastructure to other hackers while cutting back on any gains earned through ransomware.
According to Broadcom's cybersecurity unit Symantec, the hackers working with Dragonforce seized more than 90 victims last year and targeted companies in various industries, including healthcare, manufacturing and telecommunications. According to cyber experts, the attacks spanned more than a dozen countries in North America, Europe, the Middle East and Asia.
A Dragonforce spokesman declined to comment on whether they are in talks with UK retailers. They said they usually want victims to pay ransoms, with seven zeros, probably six. “Our job is not destroyed, we just take some money and walk away,” they said.
The gang claimed that it was harvesting a lot of data, which constituted trabytes, which it stole from the UK company and suggested that it would be published online if the payment needs were not met.
The group added that it plans to launch more attacks on the UK retail industry, saying the recent violations are “just the beginning.”
(Update new details from the co-op)
More stories like this are available Bloomberg.com
