Posted on October 23, 2022 at 4:43 PM
International wholesale giant METRO has announced a breach of its IT systems following a hacking incident. As a result of the breach, the company experienced store payment issues and outages.
METRO’s IT team and some external experts have started investigating the incident to unravel what went on and how to prevent a further attack on the system.
The IT Outages Affected METRO’s Operational Areas
The IT outages have affected stores in France, Germany, and Austria, with many of the outages experienced since October 17. “METRO/MAKRO is currently experiencing a partial IT infrastructure outage of several technical services,” the company stated on its website.
While METRO is still operating its stores, the company noted that it had to set up an offline payment option after experiencing delays in its online payment method due to the attack. Online orders through the online store and the web app are being processed, although delays are expected.
The company has also informed authorities about the incident and will be cooperating with investigators to gain more insights into the attack.
METRO is an international wholesale company for customers in the hotel, catering, and the restaurant industry. The company employs more than 95,000 people and has operational offices in more than 30 countries.
It operates under the MAKRO and METRO brands, with more than 661 wholesale stores worldwide.
A Possible DDoS Attack On The Firm’s IT Systems
METRO has not shared further information about the nature of the cyber attack, but most IT infrastructure stoppages or disruptions are usually connected to DDoS attacks.
METRO stated that it will continue to monitor and analyze the incident to provide updates as required. The company has also reached out to its customers and business partners and apologized for any inconvenience such outages may have caused them.
The attack did not only affect the operational bases in France and Austria but all METRO AG branches worldwide.
Also in Germany, the same issue was noticed since no prices or stocks have been checked or updated.
Although the checkout system is still working, it operates slowly. This has led to long queues. Those that want to reserve something digitally are also faced with the same problem.
Some customers have also voiced their worries. One user observed that the IT issue has been going on since Friday afternoon. One of the readers explained that their email systems delivered over 440 connection Failed-Errors while communicating with the METRO mall system last Monday. But the communication system has been restored and is now working normally.
Medibank Confirms That It Suffered Ransomware Attack
In another development, Australian health insurance provider Medibank confirmed that a ransomware attack is responsible for the disruption of its operations last week.
Medibank is one of the largest private health insurance providers in Australia. It has more than 400 employees and covered over 3.7 million people.
Chief Executive Officer of Medibank, David Kockar, commented on the situation. He apologized for the short outage in service due to the ransomware attack. But he has assured customers that the company has resumed normal operations.
No Evidence That Customer Data Was Stolen
In a new statement by the company, CEO David Koczkar apologized for the temporary service outage and confirmed they suffered a ransomware attack. He informed customers that normal operations have resumed.
Although Koczkar stated that the company indeed suffered a ransomware attack, he noted that no system was encrypted during the attack. Additionally, the security team I still investigating the incident, but there has been no evidence that customer data was stolen.
Medibank initially detected unusual activities on its network on October 12. Following the discovery, it took an immediate step to shut down parts of its systems to prevent any infiltration or encryption of sensitive files.
On Friday, the company notified its customers by sending out about 2.8 million emails and SMS. It informed the customers about the security issue and explained the reasons for the outages.
The notices assured customers that their data is safe while informing them that the investigation is ongoing. The announcement also assured that the integrity and safety of customers’ data are guaranteed. Medibank has also introduced additional security measures across all networks to improve security and prevent future attacks on the systems.
Medibank will be engaging the Australian government’s lead cyber agency as well as external cybersecurity experts as more forensics investigation continues on the matter.