Lojas Renner, the largest Brazilian department stores clothing company, announced to have suffered a ransomware attack that impacted its IT infrastructure.
According to Brazilian news outlets, the company was forced to shut down all its physical stores across the country in response to the attack, but Lojas Renner denied having closed the stores and pointed out that the infection only impacted its e-store.
“The teams remain mobilized, executing the protection and recovery plan, with all their control and security protocols, and working to re-establish all company operations.” reads a statement from the company
Renner operates more than 600 stores across three countries under brands such as Renner, Camicado, Youcom, and Ashua.
The retailer also reported that its main databases were not impacted.
“The company first disclosed the incident in a filing with the Brazilian stock market on Thursday.” reported the TheRecord website.
According to the Brazilian blog TecMundo, the attack against Lojas Renner was orchestrated by RansomExx operators.
Some experts speculated that the ransomware gang hit the company compromising one of its IT services providers, Tivit. However, Tivit explained it has not suffered any attacks on its infrastructure.
At the time of this writing, it is unclear if the retailer has suffered a data breach, the leak site of the RansomExx gang has yet to include the Brazilian group among the list of targeted organizations.
One possible reason is that there is an ongoing negotiation between the ransomware gang and the victim or because Renner opted to pay the ransom as reported by Cointimes.
“Information from unofficial sources said Renner paid R$20 million in cryptocurrencies as a ransom. Initially, the hacker group would have asked for US$1 billion, but after negotiations the amount was reduced (to US$20 million ).” reported the Cointimes.
Follow me on Twitter: @securityaffairs and Facebook
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, ransomware)
[adrotate banner=”5″]
[adrotate banner=”13″]
Security researchers at Citizen Lab revealed that Paragon's Graphite spyware can hack fully updated iPhones…
Two vulnerabilities in SinoTrack GPS devices can allow remote vehicle control and location tracking by…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Wazuh, and WebDAV flaws to its Known…
Over 40,000 internet-exposed security cameras worldwide are vulnerable to remote hacking, posing serious privacy and…
INTERPOL announced that a joint operation code-named Operation Secure took down 20,000+ malicious IPs/domains tied…
A critical remote code execution (RCE) vulnerability in Roundcube was exploited days after patch, impacting…
This website uses cookies.
