Naivas Supermarket, one of the leading retailers in Kenya, has confirmed that it was a victim of a ransomware attack by an online criminal organization.

In a statement released on Sunday, the company disclosed that the attack may have compromised some of its data.

According to the statement, Naivas quickly contained the attack and engaged cybersecurity experts to ensure system integrity.

“Naivas regrets to announce that alongside many corporates and organisations in and outside Kenya, we have been the victims of a ransomware attack by an online criminal organisation (Threat Actor), the statement read in oart.

“This unlawful intrusion may have compromised some of our data. Naivas has contained this attack, and our systems are secure and our operations are normal.”

Read More

  1. Kenya witnesses alarming 943 per cent surge in cyber threats, prompting urgent action
  2. Naivas empire in fresh ownership wranglings as siblings vie for control
  3. Panda Mart expands its footprint with grand entrance into Garden City Mall

The company has stated that it is cooperating with the relevant law enforcement agencies as they investigate this and the many current ransomware attacks in Kenya. .

The Threat Actor responsible for the attack has claimed to have stolen some of the company’s data and is threatening to publish it.

Naivas said it was closely monitoring the situation and working with law enforcement agencies to prevent any malicious use of the stolen data.

The company has clarified that it does not hold any credit card or debit card information on its systems and that payment information is handled securely and protected through SSL encryption.

“Naivas would like to confirm that we do not hold any credit card/debit card information on our systems, and that such payment information is handled securely and protected through Secure Sockets Layer (SSL) encryption,” the statement read.

Naivas has urged its customers to pay particular attention to any phishing attempts and ensure the sufficient security of passwords.

The company has apologized for any worry and inconvenience caused by the criminal activity and emphasized its commitment to the protection of personal information.

The Incident highlights the growing threat of ransomware attacks to businesses and organizations in Kenya and the need for robust cybersecurity measures to prevent and respond to such incidents.