therecord.media
Open in
urlscan Pro
2606:4700:4400::ac40:9b4b
Public Scan
URL:
https://therecord.media/cyberattack-disrupts-supermarket-operations-russia
Submission: On June 05 via api from TR — Scanned from DE
Submission: On June 05 via api from TR — Scanned from DE
Form analysis 1 forms found in the DOM
<form><span class="text-black text-sm icon-search"></span><input name="s" placeholder="Search…" type="text" value=""><button type="submit">Go</button></form>Text Content
This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy. Accept * Leadership * Cybercrime * Nation-state * Elections * Technology * Cyber Daily® * Click Here Podcast Go Subscribe to The Record ✉️ Free Newsletter Image: Alexandru Tugui / Unsplash Daryna Antoniuk June 4th, 2024 * News * Cybercrime * * * * * Get more insights with the Recorded Future Intelligence Cloud. Learn more. What is Threat Intelligence? CYBERATTACK DISRUPTS OPERATIONS OF SUPERMARKETS ACROSS RUSSIA A popular Russian discount retail chain with over 1,000 stores nationwide was hit by a cyberattack over the weekend that disrupted its services for several days. The supermarket chain Verny (“loyal” in Russian) confirmed the hack to several local news websites, adding they are still working to fully restore operations. The unknown attackers took down the company's website and mobile app. Due to the attack, Verny’s supermarkets couldn’t process bank cards or receive and deliver online orders, according to the reports. Video shared on Telegram by local customers shows Verny stores across Russia with printed signs on their doors saying they are temporarily accepting cash only. Local employees complained that many customers were frustrated with the cash-only policy and left the supermarket without buying anything. Little is known about the scale of the attack or the culprit. However, the company's general director, Oleg Vysotsky, said in an interview that they suspect the goal was extortion, although he didn't mention if a ransom demand was made. Verny has been operating in Russia for over a decade and employed nearly 11,000 people as of last December. The company's revenue reached nearly 124 billion rubles ($1.3 billion) in 2023, with a net profit of 220 million rubles ($2.4 million). Local commerce experts estimate the company's losses due to the cyberattack could already be at least 300 million rubles ($3 million) and could exceed 500 million rubles ($5.6 million) if operations don't resume within the next two days, according to Russian news website Kommersant. SIMILAR INCIDENTS One week before the cyberattack on Verny, a similar incident hit CDEK, one of Russia's largest delivery companies. Reportedly carried out by a little-known Russian-speaking group called Head Mare, the attack disrupted CDEK's website and mobile app, forcing the company to suspend parcel shipments. The hackers claimed to have encrypted CDEK's servers with ransomware and destroyed backups of their corporate systems. Local security experts believe the attacks on Verno and CDEK might be the work of the same attackers. While Head Mare hasn't claimed responsibility for the Verno hack, some experts suggest attackers may have acted independently rather than as part of the group. "In the current geopolitical climate, anyone could do this," Dmitry Kuzevanov, head of the UserGate monitoring and response center, told Russian news website Izvestia. "Motivations could range from destabilizing the situation by crippling a major Russian retailer to masking their deeper intentions under the smokescreen of such an attack." Following the CDEK attack, two unnamed sources in the retail market told Kommersant that most large retailers have begun additional security checks to identify vulnerabilities in their technology infrastructure related to deliveries and payments. CDEK said it has almost restored normal operations as of Tuesday, however local security experts claim to have found leaked data about the company's activities from April, including invoice numbers, reasons for delivery delays, parcel descriptions, CDEK branch names, and sender information. CDEK denied the leak, saying they store customers’ personal data in a secure, internal database, not in Google Sheets, as the alleged leak suggests. Also on Tuesday, the pro-Ukraine group KibOrg claimed to have stolen 1.5 terabytes of data from the Russian Union of Auto Insurers. This data allegedly includes information about Russian drivers and their cars over the past 15 years. There have been no independent verifications of these claims so far. Previously, KibOrg claimed responsibility for hacking and leaking data from Russian tourism and air travel company Sirena Travel, as well as Russia’s Alfa-Bank. * * * * * Tags * Russia * retail * cyberattack Previous articleNext article Privacy abuses will meet ‘full force of the law’ from new Texas unit, attorney general says Suspected state-sponsored hackers hit 22 Canadian provincial government inboxes Daryna Antoniuk is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post. * Suspected state-sponsored hackers hit 22 Canadian provincial government inboxesJune 4th, 2024 * Privacy abuses will meet ‘full force of the law’ from new Texas unit, attorney general saysJune 4th, 2024 * Mix of federal cyber laws hurts security and competitiveness, businesses tell White HouseJune 4th, 2024 * Cyberattack on telecom giant Frontier claimed by RansomHubJune 3rd, 2024 * Analygence chosen as company to help NIST address backlog at NVDMay 30th, 2024 * EU Parliament member suspected of being paid to promote Russian propaganda May 30th, 2024 * All democracies 'struggling’ with foreign manipulation, warns Estonian presidentMay 30th, 2024 * Ransomware attack on Seattle Public Library knocks out online systemsMay 28th, 2024 * Feds continue to rack up convictions in BEC cases as Georgia man gets 10-year sentenceMay 22nd, 2024 HURDLING OVER HAZARDS: MULTIFACETED THREATS TO THE PARIS OLYMPICS Hurdling Over Hazards: Multifaceted Threats to the Paris Olympics GRU'S BLUEDELTA TARGETS KEY NETWORKS IN EUROPE WITH MULTI-PHASE ESPIONAGE CAMPAIGNS GRU's BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns GITCAUGHT: THREAT ACTOR LEVERAGES GITHUB REPOSITORY FOR MALICIOUS INFRASTRUCTURE GitCaught: Threat Actor Leverages GitHub Repository for Malicious Infrastructure EXPLORING THE DEPTHS OF SOLARMARKER'S MULTI-TIERED INFRASTRUCTURE Exploring the Depths of SolarMarker's Multi-tiered Infrastructure RUSSIA-LINKED COPYCOP USES LLMS TO WEAPONIZE INFLUENCE CONTENT AT SCALE Russia-Linked CopyCop Uses LLMs to Weaponize Influence Content at Scale * * * * * * Privacy * About * Contact Us © Copyright 2024 | The Record from Recorded Future News