Dairy Farm Group, a massive pan-Asian retail chain operator whose brands in the Asian market include Wellcome, Giant, Cold Storage, Hero, 7-Eleven, Rose Pharmacy, GNC, Mannings, Ikea and Maxims, suffered a REvil ransomware attack this month, with hackers demanding $30 million in ransom.
The cybersecurity news website Bleeping Computer reports that it was contacted by a threat actor who claimed to be behind a ransomware attack against Dairy Farm Group that took place around January 14th, 2021. To prove the validity of their claims, the bad actor provided Bleeping Computer with a screenshot of the Active Directory Users and Computers MMC from the Dairy Farm network.
The attackers also claimed they still have access to Dairy Farm's network, including full control over the company's corporate email, which they plan to use for further phishing attacks.
“They cannot shut down their network because their business will stop. There is a group of REvil partners who are still attacking this company, there are more than 30k hosts there,” the threat actor is quoted as saying.
Dairy Farm representatives confirmed that the company was hit by a cyber attack this month, but said that less than 2 percent of all company devices were affected.
“On Thursday, we identified an incident that impacted less than 2 per cent of our business servers. These were taken offline and isolated. As an additional precaution, we initiated a full and thorough investigation with the support of an external security specialist, introduced additional security measures and strengthened our monitoring systems further,” the company told Bleeping Computer.
Dairy Farm added that it is not aware of any data being stolen during the attack.