Lojas Renner, a clothing department store chain with over 2,000 stores in Brazil, said it was hit by a cyberattack that crippled its systems and knocked down its web store.
According to a disclosure it filed with the Brazilian stock market on Thursday, the company experienced a ransomware attack.
The incident was widely covered by local bloggers and news outlets in Brazil. They claimed that the attack had caused the company to close down all its stores in the country.
In a statement released earlier today, the company clarified that all its stores were still open and that the attack only affected its e-commerce division.
According to The Record’s sources, many of Renner’s stores in Brazil are indeed open, and they are processing transactions.
According to one Brazilian blog, the attack on Renner’s infrastructure was carried out by a gang known as the RansomExx gang. It gained access to the company’s servers through Tivit, a leading digital services provider in Brazil. Tivit denied to CNN Brazil Business that its corporate servers or networks were compromised.
Despite admitting that their systems were hacked, Renner officials maintained that their main database remained intact. It is not yet clear if the attackers gained access to the servers, which contained sensitive information about the company’s customers.
It’s possible that the ransomware gang stole the sensitive e-commerce data, since many gangs tend to steal data before encrypting it. Moreover, this is RansomExx’s regular modus operandi.
Later today, another media report claimed that Renner had paid the hackers $20 million in ransom money.
It seems plausible because today Lojas Renner is a prosperous business. With more than 600 stores in three countries and running brands such as Renner, Camicado, Youcom, and Ashua, it is considered one of the largest companies in the region.