Sports retail giant Intersport, with nearly 6,000 stores in 57 countries around the world, was hit by a ransomware attack that disabled checkout in France during what was supposed to be one of the busiest times of the year.
Shoppers at Intersport stores in some parts of France reportedly There were signs that cyberattacks were impeding access to cash registers, loyalty cards, and gift card services.
Intersport reportedly said the hack occurred on November 23rd, thus affecting its stores during Black Friday sales promotions, which are usually expected to be particularly busy.
Manual checkouts and checkouts not connected to Intersport’s central network were said to be operational.
“We do manual checkouts. Everything has to be manually recorded to make sure inventory keeps up, and sometimes that can be a bit of a wait.”
A few days after the attack, the Hive ransomware group published on a leak website what they claimed was “evidence” of having stolen data from Intersport.
With Intersport refusing to negotiate, it is unclear whether the group chose to release information about the attack or to persuade the company to take its ransom demands more seriously.
Intersport itself has said it does not believe customer data has been accessed, and has not disclosed whether it is willing to pay the attackers a ransom.
The company is well aware of being targeted by cybercriminals. In 2020, Intersport was one of many retailers to discover fraudulent use of Magecart payment card skimming codes. planted in part of the website.
Hive is a Ransomware as a Service (RaaS) operation used by various cybercriminal groups to launch extortion attacks against organizations. Last month, the FBI revealed that Hive ransomware extorted him $100 million in just 18 months.