Cyber hackers attacked the US subsidiary of catering giant MTY on November 17. The Montreal company, which owns the brands Mikes, Scores, Valentine and Thaï Express, has nevertheless avoided the worst.
• Read also: Ottawa warns of ‘new normal’ in cyber threats
• Read also: The former Coop fédérée is the target of cyber hackers in turn
• Read also: Massive information leak at the Goodfellow company
The NetWalker gang ransomware attacked Kahala Brands, the US franchisor that MTY acquired in 2016.
“They tried to encrypt the data on our servers, but they were unsuccessful,” says MTY CEO Eric Lefebvre. Our IT security lifted the flag quite quickly. “
NetWalker has also just attacked Sollio Groupe coopératif (ex-Coop fédérée) with more success, reported our Bureau of Investigation on November 17th.
These cyber hackers, recognized for their major targets, boast on the dark web of having copied dozens of files from Kahala’s servers. They threaten to divulge its contents on 1er December if they are not paid.
As they failed to complete the job, however, MTY could not see any ransom note.
“If there is one to pay, it will be up to the insurance company to do it, not MTY,” explains Éric Lefebvre.
True to form, NetWalker presents on the dark web a list of items that it claims to have copied, including “Legal”, “Legal Tax Share”, “LLC Payroll” and “HR” files, as in “human resources” ” (human ressources).
MTY, listed on the Toronto Stock Exchange, hired a specialized firm to find out what the gang was able to steal.
“The question is, do they have something or nothing? »Says Éric Lefebvre.
He specifies that MTY’s most sensitive data is not hosted on Kahala’s network in the United States, but on the servers of the Montreal parent company.
NetWalker has multiplied the victims since last year.
In Quebec, in addition to Sollio, the gang tricked Xpertdoc, who paid a ransom to recover police data stolen from its servers.
These cybercriminals also pocketed US $ 1.14 million from the University of California at San Francisco, which was working on a vaccine against COVID-19, according to the BBC.
▶ If you have any information on cybersecurity, contact our journalist confidentially at 438 396-5546 (Signal, cell) or 438 396-5546.