A cyberattack by the Hive ransomware gang has led to an extortion attempt worth $2 million against Damart, the French clothing firm with over 130 locations throughout the world.
The company's operations have been interrupted and some of its systems have been encrypted since August 15. In order to keep discussions confidential, the hackers have chosen not to list the victim on their extortion website.
Damart has not yet started discussions with the cybercriminals but has reported the event to the national police, thus, it remains doubtful if Hive will be compensated.
The first indication of difficulty arose on August 15 when Damart posted a notice about unexpected maintenance on the home page of their online store.
Damart, a mail-order clothing company based in Bingley, West Yorkshire, has confirmed that there was an attempt to hack into their IT systems during that time. The firm stated that "They were quickly able to intercept the attempt with strong security protocols."
In addition, the website is presently unavailable because they have temporarily restricted several services that are offered to clients as a precaution. The business places a high focus on data and system security, and reassuringly, there is no proof that any client data has been adversely affected as of yet.
On August 24, it was revealed that 92 of Damart's stores had been affected by the disruption to its sales network, which was not functioning regularly. As a result, fewer purchases were accepted, and customer service was shut down.
The company made it clear that the hackers had successfully entered the Active Directory and had begun a sudden attack that led to the encryption of some of the systems.
According to Damart, the corporation took preventive measures by shutting down systems to prevent them from being encrypted, which impaired the services.
It is yet uncertain whether Hive was successful in stealing any data during the cyberattack. The gang, however, uses the double-extortion strategy and steals data before it is encrypted. This gives the hackers the ability to threaten the victim with a data breach in order to exert pressure on the victim to pay a ransom.
The situation is similar to how Ragnar Locker's cyberattack against LDLC last December played out. By their own accord, the assailants had been stopped before they could deliver their fatal blow and activate the encryption.
According to Valery Marchive's claim, the hackers are not eager for negotiations and anticipate that parent company Damartex would pay the whole ransom. Marchive was able to recover a leaked ransom note and published data on LeMagIT.
