Cybercriminals have targeted toy retailer Franz Carl Weber, claiming to have stolen over 700 GB of sensitive data, mainly comprising personal information of employees. The Black Basta ransomware gang has listed Franz Carl Weber as its latest victim on the dark web, threatening to release the data unless a ransom is paid. Among the compromised information are documents from accounting, employee personal data, and files from the HR department. The German drugstore chain Müller, the parent company of Franz Carl Weber, has confirmed the attack and stated that appropriate measures have been taken to address the situation, although the full extent of the breach is still being assessed.
The ransomware gang, Black Basta, has released a selection of data as proof of the attack, showcasing photographs of passports, identity cards, and foreign identity documents belonging to employees of Franz Carl Weber. Additionally, salary statements, apprenticeship contracts, and family allowance applications were among the compromised documents. Müller acknowledges the potential risks posed by the unauthorized disclosure of personal data and emphasizes that the matter is being taken very seriously, with law enforcement authorities and regulatory bodies being notified promptly.
Despite the cyber attack not significantly impacting business operations, the precise details regarding the attack vector and ransom demand remain undisclosed. Müller has refrained from providing information on whether they are considering paying the ransom. The incident highlights the ongoing threat of cyberattacks targeting businesses and underscores the importance of robust cybersecurity measures to mitigate risks and protect sensitive data from malicious actors.
