HQ/EMEAFind out how we can help your business
Ahold Delhaize, one of the US’s largest retailers, confirms that last year’s cyberattack resulted in a data heist affecting the country’s business system.
A spokesperson for the company stated that specific files were taken from some of its internal US business systems. Moreover, since the incident was detected, the company has been working to determine what information may have been affected.
This affected entity is a multinational retail and wholesale company that operates nearly 8,000 stores across Europe and the United States and employs over 410,000 people.
Threat actors may find this company attractive since it has reported yearly revenues of approximately $100 billion. In addition, it operates under brands such as Food Lion, Giant Food, Stop & Shop, and Hannaford in the American market.
Ahold Delhaize initially disclosed the then-unconfirmed attack in November last year.
On November 8, 2024, Ahold Delhaize issued a public statement disclosing a cybersecurity incident that forced it to take its IT systems offline for protection.
This issue and subsequent mitigating actions have affected some of the company’s USA brands and services, including several pharmacies and certain e-commerce operations.
However, last week, the notorious INC Ransom group added Ahold Delhaize to its data leak extortion site on the dark web, which included samples of documents they allegedly stole from the company.
The company addressed inquiries by concerned parties. It confirmed that there had been a data breach but didn’t comment on whether ransomware was involved in the attack.
Still, the company noted that the investigation into the incident remains ongoing. They also assured the public that if customer data is confirmed to have been impacted, those persons will be notified accordingly.
Furthermore, Ahold Delhaize stated that it has informed and updated law enforcement. Meanwhile, the spokesperson confirmed that all their stores and e-commerce services remain open and operational, so customers should not encounter problems.
INC Ransom has lately focused its attacks on U.S.-based organisations, with a member tracked by Microsoft as ‘Vanilla Tempest’ targeting US healthcare providers. As of now, potentially compromised individuals should be wary about their digital presence despite not yet receiving notification letters.
