Updated on 2022-11-14: Canadian Supermarket Chain Recovering From Cyberattack
Canadian supermarket chain Sobeys is recovering from a cyberattack. Sobeys parent company Empire disclosed the incident in a press release on November 7, noting that while stores remained open, “some in-store services are functioning intermittently or with a delay. In addition, certain of the Company’s pharmacies are experiencing technical difficulties in fulfilling prescriptions.”
Note
- Sobeys has more than 1500 locations across Canada with brand names such as Foodland, IGA, Lawtons, Needs, Safeway, etc. The attack appears to involve the Black Basta ransomware and was executed about the same time as the attack on Canadian meat supplier Maple Leaf foods. Fortunately, the contingency plans have most services operating at this time. With today’s patterns, the trick is not only to restore operations and close the avenue of attack, but also make sure that you have checked for, and addressed other attack vectors, as attackers are quick to go after what is perceived as a weakened target. Make sure your recovery plan considers this behavior.
Read more in
- Empire Company Limited impacted by IT systems issue
- Canadian Supermarket Chain Sobeys Hit by Ransomware Attack
- Canadian food retail giant Sobeys hit by Black Basta ransomware
Updated on 2022-11-13
Canadian supermarket chain Sobeys suffered a ransomware attack by Black Basta, which disrupted certain systems and services including technical difficulties in fulfilling prescriptions. Read more: Canadian supermarket chain giant Sobeys suffered a ransomware attack
Overview: Sobeys ransomware incident
Canadian retail chain Sobeys said it was hit by a ransomware attack over the previous weekend that crippled IT systems across its grocery stores and pharmacies. Self-checkout stations, payroll management, gift card activation systems, and most backend services were all affected, according to public reporting. Despite the huge outage, the company’s stores remained open as point-of-sale systems were unaffected and allowed the company to process payments unhindered. The attack was later linked to the Black Basta ransomware operation. Read more: