The parent organization of supermarket chains Delhaize and Albert Heijn has been hit by a Russian cyberattack. 6 TB of ‘sensitive’ data has been stolen.
The Russian hacker collective INC Ransom claims to have stolen 6 terabytes of ‘sensitive’ data from Ahold Delhaize, the parent organization that includes supermarket chains Delhaize and Albert Heijn. The hackers have already released a ‘preview’ on the dark web and are threatening to leak the entire database.
Ahold Delhaize acknowledged the hack last week and states that the incident occurred in November. The attackers most likely breached the American servers. “Based on our investigation so far, our understanding is that files were extracted from some of our internal U.S. business systems,” Ahold Delhaize says in a statement via VRTNWS. The group operates supermarkets across Europe, the United States, and Indonesia.
Personal Data
It’s still unclear what data the hackers have put in their shopping cart. This is still being investigated thoroughly, Ahold Delhaize states, having called in the help of external experts. The preview includes non-disclosure agreements and identification documents, among other things. Ahold Delhaize promises to communicate honestly if the attack would impact personal data. The physical and online stores of Delhaize and Albert Heijn remain operational.
The parent organization reportedly informed (former) employees about the incident via email, according to Tweakers. In the email, staff who were active around 2021 in one of the affected stores, which include not only Delhaize and Albert Heijn but also Etos and Gall Gall, are warned that personal data may have been stolen. This includes names, bank account numbers, and the salaries they received as of April 2021. The cyberattack may therefore also have consequences for personnel in Belgium and the Netherlands.
INC Ransom is not unknown to international law enforcement agencies. The group has explicitly surfaced since July 2023 and appears to be one of the ‘successors’ to Lockbit. Although the origin of the hackers is not proven, there are very strong suspicions that they come from Russia.
read also
A Look into the Russian Cyber Underworld: Reputation, Strict Rules, and Internal Conflict
This article originally appeared on April 18 and has been updated with the latest information.