BBC’s cyber correspondent, Joe Tidy, reported that cyber criminals have claimed that the recent hack against the Co-op is much more severe than the company had initially disclosed. The hackers reached out to the BBC with evidence demonstrating that they had breached the IT networks and stolen significant amounts of customer and employee data. Following the contact from the BBC, a spokesperson for Co-op acknowledged that the hackers had managed to access data pertaining to a large number of current and former members, which contradicts the previous statements made by the company.
The anonymous hackers, operating under the name DragonForce, declared that they possess the private information of approximately 20 million individuals who enrolled in Co-op’s membership program, although the exact figure has not been confirmed by the company. DragonForce also claimed responsibility for the ongoing attack on M&S and an unsuccessful attempt to hack Harrods. Screenshots of an initial extortion message sent to Co-op’s head of cybersecurity on Microsoft Teams chat were revealed by the hackers, where they stated that they had retrieved customer database and Co-op member card data.
Furthermore, the hackers disclosed that they had communicated with other members of Co-op’s executive committee as part of their blackmail scheme against the firm. Co-op, a company with over 2,500 supermarkets, 800 funeral homes, and an insurance business, employs around 70,000 staff across the country. In response to the cyber attack, Co-op implemented additional security measures such as requiring staff to have their cameras on during Teams meetings, forbidding call recording or transcriptions, and verifying the authenticity of all participants to prevent further unauthorized access to internal communications.
The Co-op membership database, believed to be of high value to the company, contains personal information of members like names and contact details, according to a Co-op spokesperson. DragonForce, who are seeking to extort money from Co-op, have not disclosed their intentions if payment is not made. The group, known for carrying out ransomware attacks and data theft, operates an affiliate cybercrime service that enables others to utilize their malicious software and website for similar criminal activities. The hackers, possibly associated with a larger group known as Scattered Spider or Octo Tempest, are English-speaking and predominantly young individuals, potentially teenagers. Co-op has enlisted the help of NCSC and NCA in addressing the breach and expressed regret over the situation
Read the full article from The BBC here: Read More
