Naivas Kenya, one of the leading online retailers in the country, has announced that it was the victim of a ransomware attack by an online criminal organisation.
The attack may have compromised some of the company’s data, but Naivas says it has contained the attack and secured its systems.
In a statement issued by its Chief Commercial Officer Willy Kimani, Naivas said it became aware of the attack, took immediate steps to prevent external access, and engaged leading cybersecurity experts CrowdStrike to ensure system integrity. The company also said it is cooperating with the relevant law enforcement agencies as they investigate this and the many current ransomware attacks in Kenya.
“…we have been the victims of a ransomware attack by an online criminal organisation (Threat Actor). This unlawful intrusion may have compromised some of our data. Naivas has contained this attack, and our systems are secure and our operations are normal,” the statement read in part.
Ransomware is a type of malicious software that encrypts the victim’s data and demands a ransom for its decryption. The attackers often threaten to publish or sell the data if the ransom is not paid.
Naivas said it has been made aware that the attackers have claimed to have stolen some of its data and are alleging that this may be published in due course. The company said it and law enforcement agencies are monitoring this closely. Naivas also said it has informed the Office of the Data Protection Commissioner Kenya of this incident.
News of the hack was first shared on Twitter by a user with the handle @Sith_Lord___, who claimed to have access to Naivas’ data spanning from 2021, including financials, customers’ and partners’ personal information, credit cards, budgets, costs, invoices, cheques with names and signatures, and bank accounts.
The company assured its customers that it does not hold any credit card or debit card information on its systems, and that such payment information is handled securely and protected through Secure Sockets Layer (SSL) encryption. It also said it is not aware of any malicious use of stolen data, but advised its customers to pay particular attention to any phishing attempts by phone, SMS or email, and to make sure their passwords are sufficiently secure.
“We take the protection of personal information very seriously. Please accept our deepest apologies for the worry and inconvenience that this criminal activity may cause,” the retailer said.