In the past few years, disruptive cyberattacks on retailers have become more common. Besides these companies having advanced cybersecurity measures being implemented, but still, cybercriminals tend to install malware to get hold of the confidential customer information leading to massive data breaches. According to Bloomberg, nearly 400 million customer records were exposed through the attacks on these companies.
Recently, the Cyble Research Team came across a leak post in which the Netwalker ransomware operators allegedly breached Canadian Tire and in possession of sensitive data of one of their stores located in Kelowna, Canada.
Founded in the year 1922, Canadian Tire is a retail company that operates in the automotive, hardware, sports, leisure, and housewares sectors. With 1686 store outlets, around 58,000 employees the company has been earning annual revenue of around $14.534 billion.
Netwalker operators have claimed the attack through the message posted on their online blog-:
The Netwalker group has also shared a few screenshots to support their claim in which you can spot data folders and files such as employee details, financial statements, bank reconciliation statements, staff login credentials, manager data, and much more. Below are the snapshots of the sample of the data leak of Canadian Tire.
It seems that the Netwalker ransomware group would tend to publish the company’s sensitive data within a period of 8 days.
Tips on how to prevent ransomware attacks –
- Never click on unverified/unidentified links
- Do not open untrusted email attachments
- Only download from sites you trust
- Never use unfamiliar USBs
- Use security software and keep it updated
- Backup your data periodically
- Isolate the infected system from the network
- Use mail server content scanning and filtering
It is recommended to follow above mentioned prevention methods and never pay the ransom.
Cyble is an Atlanta, US-based, global premium cyber-security firm with tools and capabilities to provide near real-time cyber threat intelligence.
Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights to cyber threats introduced by suppliers and enables them to respond to them faster and more efficiently.
This monitoring and notification platform gives the average consumer insights into their personal cybersecurity issues, allowing them to take action then as needed. It has recently earned accolades from Forbes as being the top 20 cyber-security companies to watch in 2020.