Ransomware is to blame for the closure of all 175 7-Eleven stores in Denmark on Monday.
The retailer closed all of its stores in Denmark after its cash registers and payment systems were brought down in the attack.
Initially, 7-Eleven’s Danish division did not say that ransomware was responsible for its problems, simply describing the incident as a “hacker attack”:
“We suspect that we have been the victim of a hacker attack today. We can’t use the cash registers nor accept payments. We are therefore closed until we know the extent of the attack.”
Jesper Østergaard, the CEO of 7-Eleven Denmark told a local TV station that the first indication that the company had been targeted by hackers came when staff reported that they were unable to process payments:
“The cash registers just stopped working in all the stores and the employees started letting us know. That has never happened before.”
As Bleeping Computer reports, the company has since confirmed that it was targeted by a ransomware attack, and that it is working with police investigators. Many of 7-Eleven’s stores in Denmark have since reopened.
7-Eleven Denmark is not sharing much in the way of technical detail regarding the attack, which means that not only do we not know what family of ransomware might have caused the disruption but we also do not know how it might have entered the organisation in the first place.
For instance, is it possible that all of the country’s 7-Eleven stores were seemingly impacted simultaneously because they were all reliant on the same technology – perhaps provided by a supplier who might themselves have been compromised?
In addition, there is no public word – as yet – about whether the attackers have made any ransom demands, and what 7-Eleven’s position is on whether it might be prepared to pay its extortionists or not.
One piece of good news is that the attack appears to have been limited just to 7-Eleven’s Danish stores, rather than spreading further afield. As one Twitter user commented, other organisations might learn from this valuable lesson regarding the value of network segmentation.
7-Eleven is not the first retailer to have found itself with closed stores following a ransomware attack.
Late last year, for instance, the UK supermarket chain Spar had its checkouts disabled at over 300 branches.
Earlier in the year, in separate attacks, Swedish branches of Coop were forced to shut after being hit, and an attack on a Dutch supermarket chain actually resulted in a cheese shortage.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
