Sports retail giant Intersport fell victim to a ransomware attack that disabled checkouts in France during the holidays and the FIFA World Cup, which should be one of the busiest times of the year. Intersport has over 6,000 stores in 57 countries worldwide.
According to reports by local media, customers at Intersport’s stores in some parts of France were met with signs telling them that the cyberattack prevented the use of cash registers, loyalty card, and gift card services.
Intersport was quoted as saying that since the hack occurred on Nov. 23, stores were impacted during Black Friday sales promotions, which would normally be expected to be especially busy.
However, one store manager told reporters that manual checkouts and checkouts not connected to Intersport’s central network were still said to be operational.
“We work with manual checkouts, we have to note everything by hand to ensure that the stocks follow, which sometimes causes a bit of a wait,” the manager added.
In the days following the attack, the Hive ransomware group published on its leak website what it claimed as “proof” that it had stolen data from Intersport.
Intersport said in response that it did not believe any customer data was accessed during the attack, and declined to say whether it would be prepared to pay a ransom to the hackers or not.
This is not the first cyberattack that the sports retail giant has been hit with. In 2020, Intersport was one of a number of retailers to find that Magecart payment card-skimming code was being planted on its website, according to media reports.
Hive is a ransomware-as-a-service (RaaS) operation that is used by various different cybercriminal gangs to target organizations with extortion attacks. In November, the FBI revealed in a joint cybersecurity advisory that the Hive ransomware gang has extorted around $100 million in just 18 months.