‘E-Land’ Suffers Ransomware Attack and Closes Stores

  • Seoul-based retail giant ‘E-Land’ was forced to close 23 out of its 50 stores due to ransomware.
  • The company contracted investigators and informed the police, so there are no plans to pay the ransom.
  • The threat actors may have stolen highly sensitive data from E-Land’s network, but this hasn’t been confirmed yet.

South Korean retail giant ‘E-Land’ has suffered a ransomware attack that hit them over the weekend, which they made public on Sunday. The compromise of the corporate network resulted in disrupting operations of 23 physical stores, including the “NC Department Store” and the “NewCore Outlet.”

That is a disruption of 46% of the total number of stores owned and operated by the ‘E-Land Group,’ happening during the “Black Friday” week. This percentage was shut-down to protect the others from being affected, too, so there was a response from the company’s IT team.

This is an indication of where ransomware actors are planning to hit this week, as obstructing sales at this moment in time is catastrophic for retailers. This could result in quick ransom payments that won’t go through many negotiations, as the stores want to get back to normal operations and to selling goods to customers.

‘E-Land’ hasn’t admitted paying anything to the actors, however, and instead, they mention that they informed the police about the cyber-attack, asking them to investigate the origin. Based on that, the actors are not to expect a payment, which is typical for East Asian companies. The firm’s problem, though, is not only the business disruption but also the potential data breach that stems from the file exfiltration that happens when ransomware attacks occur.

The ‘E-Land’ conglomerate operates fashion apparel stores, restaurants, theme parks, hotels, and even construction businesses, so it is possible that the compromised data is extremely sensitive. The company only declared the attack and the initiation of investigations, so there’s nothing on that part yet. If there’s any data to use for extortion, we’ll get to know about it in a week, which is usually when the first samples are publicly leaked on dedicated dark web portals.



Pinelands Regional School District Announced Data Breach

Pinelands Regional School District concluded an investigation about a data breach they had in March this year.The breach happened using then board...

Banking Trojan Targets 100 Organizations in Brazil

A banking trojan from Latin America was found targeting almost 100 Brazilian organizations and individuals.The malware was first noticed in late August...

The Number of Phishing Emails Impersonating Craigslist Is Growing

Craigslist Gsuite & Microsoft users are being targeted with phishing emails that present a fake user login page.These emails rely on brand...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari