herald

Thursday 19 October 2017

Serb cyber crooks tried to hack into shoppers' details

Centra is among the retail chains owed by the Musgrave Group
Centra is among the retail chains owed by the Musgrave Group

A Serbian-based crime syndicate are the chief suspects in an attempted cyber attack on Irish retail giant the Musgrave Group, which owns SuperValu and Centra.

Hackers tried to access the details of tens of thousands of customers and suppliers - including debit and credit card numbers and expiry dates - stored in Musgrave's data banks.

However, there is no indication that any data was successfully exported by the raiders.

Networks

Gardai are liaising with Interpol and Europol over the attack, which involved networks in several countries but which is believed to have originated near Belgrade.

The group, which operates retail chains including SuperValu, Centra and Daybreak, confirmed it was liaising with gardai and the Office of the Data Protection Commissioner over the incident. It is understood that the retail group's total supplier and customer base extends to more than 250,000 people.

"Musgrave detected that mal-icious software was attempting to extract debit and credit card numbers and expiry dates, but not the cardholder name, PIN number or CCV number," a spokesperson said.

"While there is no evidence that any data has been stolen at this point, Musgrave is advising any concerned shoppers to review activity on their statements as a precaution.

"Musgrave's cyber breach response experts have installed advanced technical fixes and continue to actively manage and monitor the situation.

"The protection of information is an absolute priority for Musgrave, with a range of security solutions, including threat monitoring, anti-virus software, firewall and penetration testing deployed.

"The company apologises to its customers for this issue."

The attack was confirmed only 24 hours after the Herald revealed the number of cyber raids on Irish firms, utilities and banks has soared in the past 12 months.

State-sponsored cyber crime syndicates in North Korea are behind a significant number of the recent attacks as the rogue state tries to counter the impact of UN sanctions.

However, investigators are satisfied there is no North Korean link to the Musgrave Group raid and believe it was the work of a Serbian cyber gang who specialise in selling the financial details via the "dark web".

Promoted articles

Entertainment News