[TheRecord] Ransomware hits Lojas Renner, Brazil’s largest clothing store chain

Lojas Renner, Brazil’s largest clothing department store chain, said it suffered a ransomware attack that impacted its IT infrastructure and resulted in the unavailability of some of its systems, including its official web store.

The company first disclosed the incident in a filing with the Brazilian stock market on Thursday.

Several Brazilian bloggers and news outlets blew the incident out of proportion by claiming that the attack had forced the company to shut down all its physical stores across the country.

Earlier today, Renner officials filed a second document in order to dispel these rumors and assure shareholders that all stores remained open and that the attack only impacted its e-commerce division.

This was also confirmed by The Record today in interviews with several Brazilians earlier today, who confirmed that Renner stores were still open and processing transactions.

Suspected RansomExx attack

Details about the ransomware incident remain to be confirmed, but one Brazilian blog claimed that the attack on Renner’s infrastructure was carried out by the RansomExx gang, which gained access to Renner servers via Tivit, a major Brazilian IT and digital services provider.

Attack ransomware ? @Lojas_Renner @felipepayao @LabDefCon1 pic.twitter.com/4LtiYxFUR6

— Clandestine (@akaclandestine) August 19, 2021

However, in an interview with CNN Brazil Business, Tivit denied the report and went on the record to state that none of its corporate networks or servers had been breached.

Despite admitting that they’ve been hacked, Renner officials downplayed the severity of the intrusion and claimed that their main database has remained intact and was not encrypted in the attack.

However, it is unclear if the intruders managed to steal data from the hacked servers, which would most likely store information related to the company’s e-commerce stores.

If the RansomExx gang is confirmed to be behind this intrusion, then it’s very likely that they also stole Renner data before encrypting it, which is part of their normal modus operandi. Today, the RansomExx gang is one of the many ransomware operations known for running a “leak site” on the dark web, where they publish data stolen from companies that refuse to pay its ransom demand.

Unconfirmed report claims Renner paid

But just as The Record was preparing to publish this article, an unconfirmed report, citing “unofficial sources,” claimed that Renner paid the hackers $20 million. At the time of writing, this remains to be confirmed, as a Renner spokesperson did not return a request for comment.

Either way, Lojas Renner would be able in a position to pay such a huge ransom demand without breaking a sweat. Today, Lojas Renner is one of the largest South American businesses, operating more than 600 stores across three countries under brands such as Renner, Camicado, Youcom, and Ashua.

The post Ransomware hits Lojas Renner, Brazil’s largest clothing store chain appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[ZDNet] Domain Group says phishing attack targeted site users

All posts, ZDNet

Company CEO said it identified a scam that used a phishing attack to gain access to Domain’s administrative systems to engage with people who have made rental property enquiries. Meanwhile, New Zealand’s Waikato District Health Board has ended day three of disruptions, following a full outage of its IT systems on Tuesday, which reportedly was […]

Read More

[BleepingComputer] Microsoft Edge just got a ‘Super Duper Secure Mode’ upgrade

Microsoft has announced that the Edge Vulnerability Research team is experimenting with a new feature dubbed “Super Duper Secure Mode” and designed to bring security improvements without significant performance losses. […] Source: Read More (BleepingComputer)

Read More

[SecurityWeek] Critical Vulnerabilities Found in AUVESY Product Used by Major Industrial Firms

All posts, Security Week

A total of 17 types of vulnerabilities, including many rated critical and high severity, have been found by researchers in the Versiondog data management product made by AUVESY. read more Source: Read More (SecurityWeek RSS Feed)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.