Hackers target thousands of SuperValu customers' details
A notorious Serbian-based crime syndicate is the chief suspect in the attempted cyber attack on Irish retail giant SuperValu.
Gardaí are now liaising with Interpol and Europol over the attack on the Musgrave Group, of which SuperValu is a part. The attack involved networks in several countries, but is believed to have originated outside Belgrade, in Serbia.
Hackers attempted to access the financial details of tens of thousands of customers and suppliers stored in the Irish retail giant's data banks.
However, there is no indication any data was successfully exported from the Irish IT network by the raiders.
The Musgrave Group, which operates high-profile Irish retail chains including SuperValu, Centra and Daybreak, confirmed it was now liaising with both gardaí and the Office of the Data Protection Commission over the incident.
Police forces in at least three other jurisdictions are now liaising with gardaí over the attack. SuperValu, Centra and Daybreak operators nationwide have all been briefed on the incident.
It is understood that the retail group's total supplier and customer base extends to more than 250,000 people.
The attack was confirmed just 24 hours after the Irish Independent revealed the number of cyber crime attacks on Irish firms, utilities and banks has soared over the past 12 months.
State-sponsored cyber-crime syndicates in North Korea are behind a significant number of the recent attacks as the rogue state attempts to counter the impact of UN sanctions by raising cash through global cyber robbery.
However, investigators are satisfied there is no North Korean link to the Musgrave Group raid.
They believe it was the work of a Serbian cyber gang, which specialises in selling-on the financial details of shoppers and firms via the 'dark web'.
The firm said its IT experts had detected an attempt by cyber criminals to use malware or malicious software to access financial data.
The attack was discovered by Musgrave's IT experts during a routine analysis of a centralised network last Monday afternoon.
"Musgrave detected that malicious software was attempting to extract debit and credit card numbers and expiry dates, but not the cardholder name, PIN number or CVV number," a spokesperson said.
"While there is no evidence that any data has been stolen at this point, Musgrave is advising any concerned shoppers to review activity on their statements as a precautionary measure.
"Musgrave's cyber breach response experts have installed advanced technical fixes and continue to actively manage and monitor the situation.
"The protection of information is an absolute priority for Musgrave, with a range of security solutions including threat-monitoring, anti-virus software, firewall and penetration testing deployed.
"The company aims to ensure that security standards are maintained at the highest levels and apologises to its customers for this issue."
Dublin Information Sec 2017, Ireland’s cyber security conference, addresses the critically important issues that threaten businesses in the information age. For more on INM’s Dublin InfoSec 2017 conference, go to: independent.ie/infosec