Lojas Renner, Brazilian largest clothing store chain, was hit by ransomware

Lojas Renner, the largest Brazilian department stores clothing company, suffered a ransomware attack that impacted its IT infrastructure.

Lojas Renner, the largest Brazilian department stores clothing company, announced to have suffered a ransomware attack that impacted its IT infrastructure.

According to Brazilian news outlets, the company was forced to shut down all its physical stores across the country in response to the attack, but Lojas Renner denied having closed the stores and pointed out that the infection only impacted its e-store.

“The teams remain mobilized, executing the protection and recovery plan, with all their control and security protocols, and working to re-establish all company operations.” reads a statement from the company

Renner operates more than 600 stores across three countries under brands such as Renner, Camicado, Youcom, and Ashua.

The retailer also reported that its main databases were not impacted.

“The company first disclosed the incident in a filing with the Brazilian stock market on Thursday.” reported the TheRecord website.

According to the Brazilian blog TecMundo, the attack against Lojas Renner was orchestrated by RansomExx operators.

Some experts speculated that the ransomware gang hit the company compromising one of its IT services providers, Tivit. However, Tivit explained it has not suffered any attacks on its infrastructure.

At the time of this writing, it is unclear if the retailer has suffered a data breach, the leak site of the RansomExx gang has yet to include the Brazilian group among the list of targeted organizations.

One possible reason is that there is an ongoing negotiation between the ransomware gang and the victim or because Renner opted to pay the ransom as reported by Cointimes.

“Information from unofficial sources said Renner paid R$20 million in cryptocurrencies as a ransom. Initially, the hacker group would have asked for US$1 billion, but after negotiations the amount was reduced (to US$20 million ).” reported the Cointimes.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.