Ukraine’s top home improvement chain, Epicentr, experienced a major cyberattack that severely disrupted its operations nationwide. Customers in various cities could not complete purchases due to offline sales systems and disabled store networks. The attack affected logistics and checkout systems, making deliveries and order tracking temporarily impossible for both in-store and online customers. Epicentr confirmed the incident as a deliberate cyberattack but did not name any suspects or provide details on the method used.
The company operates over 70 retail centers covering more than 2.2 million square meters across Ukraine.
Despite some service restoration by Tuesday, certain stores continued experiencing disruptions in core functions. Epicentr acknowledged the loss of accounting data and essential records, which hindered the generation of financial and tax documents. The company warned of continued problems with deliveries, parcel tracking, and service at pickup counters in affected shopping centers.
This attack is part of a broader pattern targeting Ukrainian infrastructure and businesses amid ongoing war with Russia. Epicentr has also lost 10 shopping centers to Russian missile strikes since the invasion began. Earlier this year, cyberattacks struck MHP, Ukraine’s leading agribusiness firm, and Ukrzaliznytsia, the national railway company. These events underscore persistent threats from suspected Russian actors aiming to disrupt Ukrainian stability and commercial operations.
Ukraine’s government continues to face digital threats alongside physical warfare from Russian forces. Recent breaches targeted state registers and sensitive national databases, including biometric and tax information. The Kyivstar telecom attack and a January data center breach caused major disruptions to government and utility services. Large international retailers, like the UK’s Marks & Spencer, also face similar risks, highlighting the global reach of cyberthreats against essential services.
Reference:
