Spinneys dismisses claims that ransomware group is leaking its data

Supermarket chain Spinneys dismissed claims on Twitter that a ransomware group had published data taken from its internal server.

A series of tweets by ransomware monitoring account Ransom Watcher on Tuesday said that the Clop ransomware group published Spinneys data.

“Spinneys is aware of unverified emails being sent out from unidentifiable email addresses stating that a ransomware group may have leaked data hacked from our internal server on July 16,” Tom Harvey, general manager of Spinneys Dubai, told The National.

“We continue to work closely with the e-crime department at Dubai Police to investigate the matter and keep our customers up-to-date.”

As more businesses adopt hybrid work models and undertake a rapid digital transformation to cope with coronavirus challenges, they are also more exposed to cyber threats.

Ransomware is malware that is designed to deny users or organisations access to their online data and files stored in computers or servers. All data is encrypted, and criminals demand payment for the decryption key.

More than 80 per cent of UAE organisations said they have the staff required to effectively manage a ransomware cyber attack, matching the global average, a June survey by Boston-based security company Cybereason found.

About 67 per cent of UAE respondents also said they have a plan in place to counter any potential ransomware attempt, compared with 72 per cent globally, the study revealed.

The main goal of Clop ransomware is to encrypt all files in an enterprise and demand a payment to receive a decryptor to re-access the affected files, according to a blog post by computer security software company McAfee.

Clop ransomware emerged in 2019, when it became a prevalent threat to organisations and businesses, according to cloud cyber security service company Mimecast. Clop ransomware also threatens to leak confidential information if no ransom is paid, it said.

To date, it is estimated that Clop ransomware has extorted more than $500 million from organisations, including multinational energy companies and at least two prominent US universities, according to Mimecast.

“Clop ransomware typically goes after assets like data backups, vouchers, email lists,…