The Intersport brand was hit by a cyberattack in November 2022. The group of criminal hackers Hive is today demanding a ransom from the company, threatening to publish sensitive data.
New victim on French soil for the group of criminal hackers Hive. The Intersport group, which specializes in the sale of sporting goods, has been hit by ransomware. Hackers claim this operation since December 5, 2022 on the darknet site. They also gave a short deadline, until December 5, to the management of the company to pay the ransom – it is possible that the gang currently gives a little more time to the company to pay, or that the negotiations are underway. The amount is not disclosed.
A first file is online, which is a way to prove that the data held by the hackers is sensitive. Numerama was able to consult the file in question: it contains passports, payslips and lists of information on customers. At first glance, the Hauts-de-France region would be mainly affected, if we look at the shops mentioned in the files. However, the town of Sainte-Geneviève-des-bois, in Île-de-France, is also included. This suggests that other stores would be affected.
1,300 companies victimized by Hive in total
The attack took place on November 23, in the middle of Black Friday week. ” It is a cyberattack that affects a group of stores in the North region. The problem is quite limited, it’s a tiny part if we consider all of our 780 stores in France “, had indicated the direction of Intersport to the daily La Voix du Nord. Employees had to work with manual tills and record everything by hand.
Hive has been a very prolific group of hackers for over a year. A total of 1,300 companies were targeted by Hive. The FBI, the American federal police, had declared that this notorious gang has managed to extort more than 100 million dollars – around 97 million euros – from more than a thousand companies since June 2021. In France, the group attacked the textile brand Damart as well as the Altice group, parent company of SFR and many media – BFM, RMC. Confidential documents on the operations of the telecommunications giant had leaked.
The origin of the attackers is difficult to determine, but some clues suggest that they would be from Russia. First, several files posted online had been named in Russian. Then, attack methods would have been provided by Conti, another Russian-speaking group now dissolved, reveals the American media Bleeping computer. Hive, on the other hand, continues on its long string of cyberattacks.