Heimdal
article featured image

Contents:

Sobeys, a major grocery retailer in Canada, published an official statement announcing it has been affected by a technical issue traced back to the IT systems.

Sobeys is a subsidiary of the parent company Empire Company Limited, headquartered in Nova Scotia, Canada, with over 130,000 employees and annual sales of $30.5 billion. Sobeys has a network of 1,500 stores under various retail names throughout all ten Canadian provinces, including Sobeys, IGA, Safeway, FreshCo, Foodland, Lawton Drugs and Thrifty Foods.

The Company’s grocery stores remain open to serve customers and are not experiencing significant disruptions at this time. However, some in-store services are functioning intermittently or with a delay. (…) In addition, certain of the Company’s pharmacies are experiencing technical difficulties in fulfilling prescriptions.

Extract from Empire Company Limited’s Statement

Source

In a different statement, published on Sobeys’ official website, however, it was noted that all stores were open and they are not experiencing any substantial disruptions:

Our stores are currently experiencing systems issues that are affecting some of the services offered. All our stores remain open to serve you and are not experiencing significant disruptions at this time. While some in-store services are functioning intermittently or with a delay, we are pleased to note that our pharmacy network is now able to operate fully.

Source

Employees Tell A Different Story

Employee reports disclosed by Bleeping Computer tell a different story. It seems that all computers in affected Sobeys stores were locked out, but that POS and payment processing systems remained up and functional since they operate on a separate network.

Internauts also argue on a Reddit post that all signs point to a ransomware attack, even though the company has not yet released an official statement confirming it:

Sobeys internauts reddit

Source

Moreover, pictures of Sobeys’s in-store computers displaying a Black Basta ransom message have been posted online by staff members. Multiple sources have told Bleeping Computer that the attack took place on Friday night or Saturday morning, on November 7th.

Sobeys ransom message

Source

Canadian provincial privacy watchdogs from Quebec and Alberta confirmed receiving “confidentiality incident” notices from the shop, according to local media. The Quebec watchdog has confirmed to The Canadian Press that such notifications are only issued if a data breach has resulted in the exposure of personally identifiable information.

If you liked this article, follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

Author Profile

Madalina Popovici

Digital PR Specialist

linkedin icon

Madalina, a seasoned digital content creator at Heimdal®, blends her passion for cybersecurity with an 8-year background in PR & CSR consultancy. Skilled in making complex cyber topics accessible, she bridges the gap between cyber experts and the wider audience with finesse.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE