Naivas supermarket's data has been attacked by cybercriminals, Chief Commercial Officer (CCO) says.
In a statement released on Sunday, April 23, Willy Kimani the CCO says that the chain of supermarkets has managed to salvage the situation and that the internal systems are secure.
"Naivas regrets to announce that alongside many corporates and organisations in and outside Kenya, we have been the victims of a ransomware attack by an online criminal organization. This unlawful intrusion may have compromised some of our data," Kimani's statement reads in part.
"On becoming aware of the attack, Naivas took immediate steps to prevent external access and engaged leading cybersecurity experts to crowd strike to ensure system integrity. This process is complete and our systems are secure."
According to Kimani, Naivas has reported that the perpetrators are threatening to publish their data and that the office of the Data Protection Commissioner had been roped in on the matter.
The Supermarket's management has also assured its clients of their financial information privacy.
"Naivas would like to confirm that we do not hold any credit card/debit card information on our systems and that such payment information is handled securely and protected through secure sockets Layer (SSL) encryption."
Mr. Kimani recommends that particular attention is paid to any technocrats as well as to the sufficient security of passwords.
"At this moment, we are not aware of any malicious use of stolen data. However, it is recommended in the face of this type of situation to pay particular attention to any phishing attempts (by phone, SMS, or email) as well as to the sufficient security of passwords." added the CCO.