Main Highlights:
- MediaMarkt instructed its shop assistants in several countries on Monday morning to stop using in-store computers and disconnect the cash registers from the internet.
- The electronics retailer despite an initial refusal to provide additional details admitted to being the victim of a cyber attack as a case of digital hostage-taking.
- According to reports, approximately 3,100 MediaMarkt servers have been compromised.
- At the moment, it is unknown whether the hackers gained access to any of the electronics retailer’s consumer data as well.
- Only in-person purchases can be made at MediaMarkt stores in Belgium and the Netherlands at this time.
MediaMarkt, an electronics retail chain, reported a cyber-attack that occurred on Monday when an international group of hackers gained access to its computer systems and demanded $50 million (approximately 43 million euros) in bitcoin.
No information was stolen
On Monday morning, MediaMarkt instructed its shop assistants in several countries to stop using in-store computers and disconnect the cash registers from the internet, according to its website. It was quickly determined that the electronics retailer had been the victim of a cyber attack. Even though the company initially refused to provide additional details, it is now clear that the attack was a digital hostage-taking operation.
Each compromised computer now has the following file on its hard drive: “Your network’s security system has been compromised, and all information has been encrypted as a result. You must purchase our decryption software to regain access to all of your data “The RTL news channel in the Netherlands reports on this development.
International hacker collective
According to the hostage-takers, the cost of this decryption software is prohibitively expensive: they have demanded $50 million for it. According to BleepingComputer, the ransom demand reached 240 million dollars at one point before MediaMarkt began negotiating with the perpetrators.
The attack is being carried out by the hacker group Hive, which gained international attention for hacking into hospital computer systems earlier this year. They do, however, maintain a high level of professionalism: Hive even provides a ‘customer service’ channel through which victims can communicate with the hackers to negotiate a lower ransom and obtain a few hostage files as proof of their capture. Failure to make timely payments will result in publishing the individual’s information on the group’s website. They apply pressure to the victims as a result of disclosing this information.
MediaMarkt reopens its doors
Approximately 3,100 MediaMarkt servers have been compromised, according to reports. It is currently unknown whether the hackers have gained access to any consumer data held by the electronics retailer. On the other hand, Hive is said to be extremely thorough, and it has been observed regularly hacking into the backups of its targets. At the moment, negotiations are taking place regarding the ransom.
Currently, the MediaMarkt locations in Belgium and the Netherlands are open for business, but they can only make in-person purchases from the stores themselves. Customer service is unavailable, as is the ability to pick up or return packages, accrue or redeem reward points on their loyalty cards, or redeem gift certificates. Credit cards are not accepted at the cash registers in the affected stores, and receipts cannot be printed at the time of purchase. The e-commerce industry is continuing to operate normally.
