Fast Shop Brazilian retailer discloses "extortion" cyberattack - BleepingComputer
2022-06-24 11:57 (EST) - Bill Toulas
Fast Shop, one of Brazils largest online retailers, has suffered an extortion cyberattack that led to network disruption and the temporary closure of its online store.
Fast Shop is an online retailer selling a wide range of products, including computers, smartphones, gaming consoles, furniture, beauty products, and home appliances. The retailer has been active in Brazil since 1986 and currently operates 86 physical locations, with its website and app counting over six million visits monthly.
The cyberattack occurred Wednesday, impacting the Fast Shop main website, mobile apps, and online ordering system, as the retailer took systems offline as part of its incident response protocol. The attack didnt impact physical shops.
Followers of Fast Shops Twitter handle learned about the situation a little earlier, as the network intruders took over the firms Twitter account to announce that they had performed a data breach.
The threat actors claimed that over the past 72 hours, they were actively extorting Fast Shop after accessing the firms databases on AWS, Azure, GitLab, and IBM cloud, stealing website/app source code and valuable user and corporate data.
Threat actors allegedly used the stolen information to blackmail Fast Shop into paying a ransom; otherwise, all data would be leaked to the public.
Notably, Fast Shop is soon to launch a new online platform focusing on augmented reality and artificial intelligence, so the stolen source code might include valuable project details.
The threat actors messages were removed when Fast Shops admins regained control of the compromised Twitter account. However, Tec Mundos infosec news reporter, Felipe Payao, was able to save a screenshot.
Fast Shops announcement has responded to these claims, saying that they see no evidence of customer data having been compromised, and the same applies to the firms "entire information base."
While Fast Shop is disputing the hackers claims, everyone who has an account on the Brazilian e-commerce platform should reset their passwords if they use the same credentials on other websites.
From the available information, this looks like a data extortion attack rather than a traditional ransomware attack. Similar to those launched by the now-defunct Lapsus group , which extorted victims with the main threat to publish stolen data.
Bleeping Computer has requested more information about the cyberattack from Fast Shop, and we will update this post when we receive a response.
