Getting breached is the new normal is truism that is getting more and more consolidated with every passing day. The issue is not whether you would be attacked or not, it is only when you will get attacked. Co-op confirms data of 6.5 million members stolen in a cyber attack. Co-op, a UK supermarket chain, is one the world’s largest consumer co-operatives. The data was stolen in a massive cyber attack in April. It shut down systems and it led to food shortages in its grocery stores. BleepingComputer found a link to threat actors associated with Scattered Spider.
Scattered Spider was the group behind the Marks & Spencer (M&S) cyber attack, where DragonForce ransomware was deployed. BBC was able to contact DragonForce about the current attack and surprisingly they have confirmed that one of their affiliates has been behind the attack. DragonForce went ahead to share the data with the BBC. The cyber crooks claimed that Co-op’s corporate and customer data had been stolen during the attack.
When did it all happen? The cyberattack occurred in April. It forced the Co-op to shut down several IT systems to prevent the threat actors from further spreading to devices and ultimately deploying the DragonForce ransomware encryptor. Initially it was not supposed to be a big breach. Co-op initially downplayed as an attempted intrusion into its network. It was later brought to notice that a “significant” amount of data was accessed and stolen during the attack. It was so significant that the CEO ended up saying that the breach felt like a personal attack, not on her, but rather on the Cop’s members and employees.
Only last week the National Crime Agency, NCA, arrested four people suspected of being involved in the attacks on Co-op, M&S, and attempted one on Harrods. Who are the arrested individuals? Two are 19 year old males, one 17 year old male, and a 20 year old female. They were all apprehended in London and the West Midlands. One of the arrested suspects is linked to a 2023 attack on MGM Resorts that resulted in the encryption of over 100 VMware ESXi virtual machines. This attack was also attributed to Scattered Spider, who was working with BlackCat ransomware operation at the time.
WHAT DOES PRIVACY LAWS MEAN ANYWAY?
Sanjay Sahay
Have a nice evening.