Spinneys, a major retailer, on Wednesday said a ransomware group may have leaked customer data stolen from its internal server.
In a statement to Khaleej Times, the supermarket chain operator said hackers managed to access customers’ names, email, addresses and mobile numbers. However, no personal banking information was compromised in the latest cybersecurity breach.
“Spinneys is aware of unverified emails being sent out from unidentifiable email addresses stating that a ransomware group may have leaked data hacked from our internal server on July 16, 2022. Hackers accessed an internal server that contained customer data including names, email addresses, mobile numbers, delivery addresses and previous order details,” said the statement.
“We can confirm that no personal banking information was compromised, as we do not store banking details on our servers,” said the retailer, which operates across 65 locations across the UAE.
Meanwhile, RansomWatch on Tuesday added new data leaks related to the retailer.
A number of UAE companies have witnessed cyberattacks. In January 2022, the Gems Education group was targeted by hackers. The largest education group in the UAE then engaged third-party expertise in its investigation. However, there were no reports of any data stolen during the breach.
Quoting a Group-IB’s latest Ransomware Uncover report, Wired reported that 17 UAE firms have already been taken hostage digitally in the first half of this year.
Spinney said it is closely working with Dubai Police, who are investigating the breach.
“We continue to work closely with the E-Crime Department at Dubai Police to actively investigate the matter, and keep our customers up to date,” it said.
Spinneys advised customers to remain vigilant against cyber criminals and deal only with people they trust.
“We are committed to handling our customers’ personal information responsibly and diligently at all times, and we deeply regret that this incident has occurred,” said the statement.