In the first stage, the only noticeable problem was that the card payment in the stores did not work. A total of 62 stores in the area were affected. And with only days left until Christmas, the stores were forced to pay with only swish and cash.
Coop Värmland immediately reported the incident to the police, and was able to ascertain that the store chain had been exposed to a cyberattack of a so-called ransom nature, that is, that the purpose was financial extortion.
– It was a criminal hijacking of our systems, says Klas Olsson, communications manager at Coop Värmland.
Employee passports were posted on the darknet
But the hacker group wasn’t satisfied with that. Now a handful of employees’ personal data has been published on the darknet. It is about photos on passports and ID cards. It is still uncertain exactly how many people’s data was stolen in the attack. In total, the amount of stolen data amounts to 257 gigabytes, according to the hacker group.
Coop Värmland contacted the exposed employees as soon as they became aware of the leak.
Klas Olsson emphasizes that the hacked systems only affect employees. The systems have no connection to bank cards or accounts, either for customers or employees.
– Our customers are not affected by this hack. That part is assured.
“The hatches are blocked”
External experts are checking Coop’s system, but according to Klas Olsson, the loopholes that let the hacker group through are now closed.
– We do not know where this attack is coming from, but we are doing everything in our power, and we will fix this. We have decided that, says Klas Olsson.
SVT has contacted the Bergslagen police region, which could not answer questions about the case.