[ad_1]
The Co-op membership database is thought to be highly valuable to the company.
Since the BBC contacted Co-op about the hackers’ evidence, the firm has disclosed the full extent of the breach to its staff and the stock market.
“This data includes Co-op Group members’ personal data such as names and contact details, and did not include members’ passwords, bank or credit card details, transactions or information relating to any members’ or customers’ products or services with the Co-op Group,” a spokesperson said.
DragonForce want the BBC to report the hack – they are apparently trying to extort the company for money.
But the criminals wouldn’t say what they plan to do with the data if they don’t get paid.
They refused to talk about M&S or Harrods and when asked about how they feel about causing so much distress and damage to business and customers, they refused to answer.
DragonForce is a ransomware group known for scrambling victims’ data and demanding a ransom is paid to get the key to unscramble it. They are also known to have stolen data as part of their extortion tactics.
DragonForce operates an affiliate cyber crime service so anyone can use their malicious software and website to carry out attacks and extortions.
It’s not known who is ultimately using the DragonForce service to attack the retailers, but some security experts say the tactics seen are similar to that of a loosely coordinated group of hackers who have been called Scattered Spider or Octo Tempest.
The gang operates on Telegram and Discord channels and is English-speaking and young – in some cases only teenagers.
Conversations with the Co-op hackers were carried out in text form – but it is clear the hacker, who called himself a spokesperson, was a fluent English speaker.
They say two of the hackers want to be known as “Raymond Reddington” and “Dembe Zuma” after characters from US crime thriller Blacklist which involves a wanted criminal helping police take down other criminals on a ‘blacklist’.
The hackers say “we’re putting UK retailers on the Blacklist”.
Co-op says it is working with the NCSC and the NCA and said in a statement it is very sorry this situation has arisen.
[ad_2]
Source link