Brazilian retail giant confirms cyberattack after extortion group takes over Twitter account

Brazilian retail giant Fast Shop has regained control of its Twitter account after hackers took it over and sent several messages about a cyberattack.

The Sao Paulo-based retail company has more than 80 physical locations across Brazil and brought in a revenue of more than $430 million last quarter. 

But on Wednesday, hackers took over the company’s Twitter account and said they had been launching “an extortion attack” on Fast Shop’s IT and cloud systems. 

“We have gained access to some TB’s of your data from VCenter and various cloud services, AWS, AZURE, IBM GITLAB. The data includes source codes, PCI data, various user and corporate data,” the hackers wrote from the hijacked account. 

“We are happy to negotiate with you to prevent the leakage of this data and to help resolve the issues.”

A screenshot of the Tweets, which were later deleted. (Credit: Felipe Payão)

The hackers provided a link to a Telegram channel where they wanted Fast Shop officials to negotiate a ransom. The threat actors also managed to pin another tweet to the top of the company’s profile claiming stores would be closed for a number of days. 

It is unclear which extortion group was behind the attack

In a statement to The Record, Fast Shop PR manager Carina Eguia said the company “identified unauthorized access to the company’s information systems” and “activated security protocols.”

The website and app were shut down as the company tried to retake control of its platforms, Eguia said. 

“At this moment, the website and app are already restored and working normally. Fast Shop guarantees that all stores remain open and operate regularly,” she explained.

“The company emphasizes that all databases are under strict security processes and there was no evidence of damage to our customers’ data.”

The company later released the same message publicly.

In recent months, ransomware and extortion groups have made a point of going after supermarkets and retailers. 

The largest supermarket chain in Trinidad struggled to recover from a cyberattack that caused outages at all of its locations throughout the country in May.

One of the largest supermarket chains serving multiple countries across southern Africa was hit with ransomware last week

Last July, one of Sweden’s largest supermarket store chains, Coop, was forced to shut down nearly 800 stores across the country after one of its contractors was hit by ransomware in the aftermath of the wide-ranging Kaseya security incident.

Jonathan Greig

Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

Recent Posts

Chinese cyber agency signals support for tech industry

CAC officials set a conciliatory tone towards tech Friday, but are still supervising rides-hailing giant’s…

2 hours ago

Apple releases emergency patch for two iPhone, Mac zero-day vulnerabilities being exploited

Apple said hackers are actively exploiting two zero-day vulnerabilities in iPhones, iPads and Macs. In…

3 hours ago

Google says it stopped the largest DDoS attack ever recorded in June

One of Google’s customers was targeted with the largest distributed denial of service (DDoS) attack…

3 hours ago

European Commission’s Despina Spanou on why cyber officials must ‘learn lessons from crises’

When it comes to privacy and cybersecurity regulations, the European Union often sets the standards…

5 hours ago

Cyber insurers weigh in on latest cybersecurity trends, threats

The numbers speak for themselves: more companies are opting in for cyber insurance coverage than…

1 day ago

TikTok asks House of Representatives to rescind cyber advisory about company

Short-form video giant TikTok refuted claims made by the Chief Administrative Officer (CAO) of the…

1 day ago