Naivas Supermarket has confirmed that it was a victim of a ransomware attack by an online criminal organization dubbed Threat Actor.
In a statement on Monday, Naivas Chief Executive Officer Willy Kimani said the unlawful intrusion may have compromised some of the company’s data and assured customers that they have put in place measures to safeguard their data.
“Naivas has contained this attack and our systems are secure and our operations are normal,” read the statement.
Kimani noted that Naivas took immediate steps to prevent external access and engaged leading cybersecurity experts CrowdStrike to ensure system integrity.
“This process is complete and our systems are secure. We are cooperating with the relevant law enforcement agencies as they investigate this and the many ransomware attacks in Kenya,” Naivas added.
Kimani clarified that the supermarket chain does not hold any credit card/Debit card information on its systems, adding that such payment information is handled securely and protected through Secure Sockets Layer (SSL) encryption.
“At this moment, we are not aware of any malicious use of stolen data, however, it is recommended in the face of this type of situation to pay particular attention to any phishing attempts (by phone, SMS or email) as well as to the sufficient security of passwords,” he said.
“Naivas would like to assure its customers that it takes the protection of personal information seriously and apologizes for any worry and inconvenience caused by this criminal activity.”
