News about cyber-attacks are no longer reserved for technology companies or banks: more and more well-known brands in the retail sector are making headlines for digital threats. This time, the protagonist is Sam's Club, one of the largest U.S. department store chains and part of the Walmart conglomerate, which is investigating a possible security breach linked to the Clop ransomware group.
With more than 600 locations in the U.S. and Puerto Rico, nearly 200 more in Mexico and China, and more than 2.3 million employees globally, any incident affecting this company can have massive reach.
Sam's Club responds to possible security breach
Sam's Club confirmed that they are aware of the reports of a possible security incident and that they are actively investigating the incident. A spokesperson for the company assured that protecting the privacy and security of its members is a top priority, and that they will take the necessary measures if any breach is confirmed. They also noted that they are taking the matter very seriously and will communicate with those involved if necessary.
So far, no further details about the investigation have been shared, but the ransomware group Clop already listed Sam's Club on its dark web leak site. Despite this, the attackers have not presented concrete evidence of the alleged data theft. For now, they have only launched accusations, claiming that the company “does not care about its customers” and “has ignored their security”, in an attempt to put public pressure on the retail giant.
Sam's Club entrance on the Clop site (Source: BleepingComputer)
Podría interesarte leer: What Is Ransomware? How to Prevent
Clop and its attack history: Sam's Club is not the only one
The Clop ransomware group's threats against Sam's Club are not coming out of the blue. Since January, this gang has been extorting dozens of companies that fell victim to a series of massive attacks. All of them took advantage of a zero-day vulnerability in the Cleo secure file transfer software, which was already patched in October last year.
It is not yet clear how many companies were affected by this flaw, but Cleo claims that more than 4,000 organizations worldwide use its tools. So the scope could be significant.
One of the most notorious cases was that of Western Alliance Bank, based in Arizona. The financial institution recently confirmed that it had to notify nearly 22,000 customers because their personal information was stolen in October, all because of this same flaw in third-party software.
And it's not the first time Clop has done something like this. This group has already been behind similar attacks exploiting vulnerabilities in other widely used programs such as Accellion FTA, MOVEit Transfer and GoAnywhere MFT. Basically, they look for weaknesses in tools used by many companies and launch chain attacks.
This is also not the first time Sam's Club customers have been affected by a security incident. In October 2020, the company had to automatically reset passwords for some accounts after detecting unauthorized login attempts. At the time, they explained that the attackers had obtained usernames and passwords through phishing campaigns, malware or leaks on other platforms, and not through a direct failure in Sam's Club's systems.
The Sam's Club case is just the latest in a long line of ransomware attacks that show how vulnerable even the largest companies are. For consumers, this is a wake-up call to take precautions with their personal data. For businesses, it's a clear warning: it's not a question of if they will be attacked, but when.
At TecnetOne, we understand that a ransomware attack can put your entire business in jeopardy. That's why we offer cybersecurity solutions designed to protect your data, systems and operations against attacks like the ones that are affecting large companies around the world. Our TecnetProtect solution offers advanced protection against ransomware, combining secure backup, disaster recovery and proactive defense against malware. It's complete, easy-to-use protection designed to give you peace of mind. If you are concerned about the security of your company, this is the tool you need.
