Supermarket chain Spinneys said it is looking into claims on Twitter that a ransomware group had published data taken from its internal server.
A series of tweets by ransomware monitoring account Ransom Watcher on Tuesday said that the Clop ransomware group published Spinneys data.
“Spinneys is aware of unverified emails being sent out from unidentifiable email addresses stating that a ransomware group may have leaked data hacked from our internal server on July 16,” the retailer said in a statement to The National.
“We continue to work closely with the e-crime department at Dubai Police to investigate the matter and keep our customers up-to-date.”
As more businesses adopt hybrid work models and undertake a rapid digital transformation to cope with coronavirus challenges, they are also more exposed to cyber threats.
Ransomware is malware that is designed to deny users or organisations access to their online data and files stored in computers or servers. All data is encrypted, and criminals demand payment for the decryption key.
More than 80 per cent of UAE organisations said they have the staff required to effectively manage a ransomware cyber attack, matching the global average, a June survey by Boston-based security company Cybereason found.
About 67 per cent of UAE respondents also said they have a plan in place to counter any potential ransomware attempt, compared with 72 per cent globally, the study revealed.
The main goal of Clop ransomware is to encrypt all files in an enterprise and demand a payment to receive a decryptor to re-access the affected files, according to a blog post by computer security software company McAfee.
Clop ransomware emerged in 2019, when it became a prevalent threat to organisations and businesses, according to cloud cyber security service company Mimecast. Clop ransomware also threatens to leak confidential information if no ransom is paid, it said.
To date, it is estimated that Clop ransomware has extorted more than $500 million from organisations, including multinational energy companies and at least two prominent US universities, according to Mimecast.
“Clop ransomware typically goes after assets like data backups, vouchers, email lists, financial records or other confidential information. Once Clop gains access to the data, the cybercriminals often leak portions of it to prove that they have access and threaten to leak more if the ransom is not paid,” it said.
The criminals behind Clop often set their sights on organisations with large budgets and demand high ransoms, some as much as $20m, according to Mimecast.
“Just like many other groups involved in human-operated ransomware attacks, Clop leverages the so-called double-extortion technique,” Oleg Skulkin, head of digital forensics and incident response team at cyber security company Group-IB, said.
“The Clop operators not only deploy cryptolockers, but also exfiltrate victims’ sensitive data. If the victim refuses to pay, the data is posted on a Dedicated Leak Site [DLS]. These sites may be available either via the dark web or even regular web.”
The Clop ransomware gang became the seventh-most active in the world with 107 victims uploaded on DLS between the first quarter of 2021 and the first quarter of 2022, according to the Ransomware Uncovered 2021/2022 report.
“We have observed their attacks in the UAE, Singapore, Netherlands, the US, Germany, Canada, the UK, India, France, Japan and other countries,” Mr Skulkin said.
“In June 2021, six Clop ransomware affiliates involved in cash-out services were arrested in Kyiv, Ukraine.”
Spinneys earlier said that some customer data stored for online delivery details was exposed to hackers during a security breach on July 16.
However, the retailer said no personal banking information of customers was compromised in the hacker attack as it does not store banking details on its internal servers.
“As has previously been confirmed, hackers accessed an internal server that contained customer data, including names, email addresses, mobile numbers, delivery addresses and previous order details,” Spinneys said.
“We urge our customers to remain vigilant against cyber criminals and deal only with people they trust. We are committed to handling our customers’ personal information responsibly and diligently at all times, and we deeply regret that this incident has occurred.”
GOLF’S RAHMBO
- 5 wins in 22 months as pro
- Three wins in past 10 starts
- 45 pro starts worldwide: 5 wins, 17 top 5s
- Ranked 551th in world on debut, now No 4 (was No 2 earlier this year)
- 5th player in last 30 years to win 3 European Tour and 2 PGA Tour titles before age 24 (Woods, Garcia, McIlroy, Spieth)
TOUR DE FRANCE INFO
Dates: July 1-23
Distance: 3,540km
Stages: 21
Number of teams: 22
Number of riders: 198
Killing of Qassem Suleimani
FROM%20THE%20ASHES
%3Cp%3EDirector%3A%20Khalid%20Fahad%3C%2Fp%3E%0A%3Cp%3EStarring%3A%20Shaima%20Al%20Tayeb%2C%20Wafa%20Muhamad%2C%20Hamss%20Bandar%3C%2Fp%3E%0A%3Cp%3ERating%3A%203%2F5%3C%2Fp%3E%0A
The BIO:
He became the first Emirati to climb Mount Everest in 2011, from the south section in Nepal
He ascended Mount Everest the next year from the more treacherous north Tibetan side
By 2015, he had completed the Explorers Grand Slam
Last year, he conquered K2, the world’s second-highest mountain located on the Pakistan-Chinese border
He carries dried camel meat, dried dates and a wheat mixture for the final summit push
His new goal is to climb 14 peaks that are more than 8,000 metres above sea level
The%20specs
%3Cp%3E%3Cstrong%3EEngine%3A%20%3C%2Fstrong%3ESingle%20front-axle%20electric%20motor%3Cbr%3E%3Cstrong%3EPower%3A%20%3C%2Fstrong%3E218hp%3Cbr%3E%3Cstrong%3ETorque%3A%20%3C%2Fstrong%3E330Nm%3Cbr%3E%3Cstrong%3ETransmission%3A%20%3C%2Fstrong%3ESingle-speed%20automatic%3Cbr%3E%3Cstrong%3EMax%20touring%20range%3A%20%3C%2Fstrong%3E402km%20(claimed)%3Cbr%3E%3Cstrong%3EPrice%3A%20%3C%2Fstrong%3EFrom%20Dh215%2C000%20(estimate)%3Cbr%3E%3Cstrong%3EOn%20sale%3A%20%3C%2Fstrong%3ESeptember%3C%2Fp%3E%0A
The burning issue
The internal combustion engine is facing a watershed moment – major manufacturer Volvo is to stop producing petroleum-powered vehicles by 2021 and countries in Europe, including the UK, have vowed to ban their sale before 2040. The National takes a look at the story of one of the most successful technologies of the last 100 years and how it has impacted life in the UAE.
Read part four: an affection for classic cars lives on
Read part three: the age of the electric vehicle begins
Read part one: how cars came to the UAE
The five pillars of Islam
1. Fasting
2. Prayer
3. Hajj
4. Shahada
5. Zakat
Profile box
Company name: baraka
Started: July 2020
Founders: Feras Jalbout and Kunal Taneja
Based: Dubai and Bahrain
Sector: FinTech
Initial investment: $150,000
Current staff: 12
Stage: Pre-seed capital raising of $1 million
Investors: Class 5 Global, FJ Labs, IMO Ventures, The Community Fund, VentureSouq, Fox Ventures, Dr Abdulla Elyas (private investment)
Brolliology: A History of the Umbrella in Life and Literature
By Marion Rankine
Melville House
SPEC%20SHEET%3A%20APPLE%20M3%20MACBOOK%20AIR%20(13%22)
%3Cp%3E%3Cstrong%3EProcessor%3A%3C%2Fstrong%3E%20Apple%20M3%2C%208-core%20CPU%2C%20up%20to%2010-core%20CPU%2C%2016-core%20Neural%20Engine%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EDisplay%3A%3C%2Fstrong%3E%2013.6-inch%20Liquid%20Retina%2C%202560%20x%201664%2C%20224ppi%2C%20500%20nits%2C%20True%20Tone%2C%20wide%20colour%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EMemory%3A%3C%2Fstrong%3E%208%2F16%2F24GB%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EStorage%3A%3C%2Fstrong%3E%20256%2F512GB%20%2F%201%2F2TB%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EI%2FO%3A%3C%2Fstrong%3E%20Thunderbolt%203%2FUSB-4%20(2)%2C%203.5mm%20audio%2C%20Touch%20ID%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EConnectivity%3A%3C%2Fstrong%3E%20Wi-Fi%206E%2C%20Bluetooth%205.3%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EBattery%3A%3C%2Fstrong%3E%2052.6Wh%20lithium-polymer%2C%20up%20to%2018%20hours%2C%20MagSafe%20charging%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3ECamera%3A%3C%2Fstrong%3E%201080p%20FaceTime%20HD%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EVideo%3A%3C%2Fstrong%3E%20Support%20for%20Apple%20ProRes%2C%20HDR%20with%20Dolby%20Vision%2C%20HDR10%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EAudio%3A%3C%2Fstrong%3E%204-speaker%20system%2C%20wide%20stereo%2C%20support%20for%20Dolby%20Atmos%2C%20Spatial%20Audio%20and%20dynamic%20head%20tracking%20(with%20AirPods)%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EColours%3A%3C%2Fstrong%3E%20Midnight%2C%20silver%2C%20space%20grey%2C%20starlight%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EIn%20the%20box%3A%3C%2Fstrong%3E%20MacBook%20Air%2C%2030W%2F35W%20dual-port%2F70w%20power%20adapter%2C%20USB-C-to-MagSafe%20cable%2C%202%20Apple%20stickers%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EPrice%3A%3C%2Fstrong%3E%20From%20Dh4%2C599%3C%2Fp%3E%0A
How it works
Booklava works on a subscription model. On signing up you receive a free book as part of a 30-day-trial period, after which you pay US$9.99 (Dh36.70) per month to gain access to a library of books and discounts of up to 30 per cent on selected titles. You can cancel your subscription at any time. For more details go to www.booklava.com
