View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 9, 2022updated 10 Aug 2022 12:32pm

7-Eleven closes Denmark stores after latest cyberattack on retail point-of-sale systems

7-Eleven is the latest retailer to fall victim of a cyberattack that shut down point-of-sale systems.

By Claudia Glover

Global retailer 7-Eleven closed all of its stores in Denmark yesterday after a suspected “hacker attack” took out its cash registers and payment systems.

“We suspect that we have been the victim of a hacker attack today,” the company said in a statement on Facebook last night. “We can’t use the cash registers nor accept payments. We are therefore closed until we know the extent” of the attack.

7-Eleven closed all 175 of its stores in Denmark following the incident, although it has since reopened five outlets, according to a statement issued this morning.

A 7-Eleven store in Copenhagen, Denmark.
7-Eleven joins Co-op and Spar in suffering a cyberattack that shut down point-of-sale systems. (Photo by anouchka/iStock)

The company was alerted to the attack when employees reported that its payment systems had shut down, Danish manager Jesper Ostergaard told local TV channel DR. “The cash registers just stopped working in all the stores and the employees started letting us know,” he said. “That has never happened before.”

Details on the nature or source of the attack have yet to emerge.

The incident is the latest in a string of cyberattacks that have disrupted retailers’ point-of-sale systems. Last year, for example, supermarket chain Co-op closed 500 of its stores in Sweden after one such attack.

In January this year, a ransomware attack shut down card payment systems at 600 outlets of Spar in the UK. Ransomware group Vice Society claimed responsibility for the Spar attack.

Kevin Beaumont, head of the SOC at Arcadia and a former threat researcher at Microsoft, observed on Twitter that some of these incidents followed supply chain attacks on the retailers’ managed service providers (MSPs).

Content from our partners
Unlocking the value of artificial intelligence and machine learning
Behind the priorities of tech and cybersecurity leaders
Corporate ransomware attacks: It’s only a matter of when, not if

The attack on Co-op in Sweden, for example, was traced to an MSP that used software from Kaseya, the US vendor that was compromised in July last year.

In reference to last week’s cyberattack that affected UK medical advice service NHS 111, Andy Norton, European cyber risk officer at cybersecurity vendor Armis, told Tech Monitor that service disruptions are an indication of ransomware attacks.

7-Eleven cyberattack is one of many

The cyberattack on 7-Eleven in Denmark is the second attack the company has suffered so far this month. Last week, TV screens in its Taiwanese stores were reportedly hijacked to broadcast messages telling US speaker Nancy Pelosi to “get out of Taiwan”.

In 2019, a flaw in 7-Eleven’s Japanese payment app allowed a hacker to make fraudulent charges on hundreds of customer accounts. A new feature introduced a glitch that allowed hackers to redirect password reset emails if they knew the user’s date of birth, email address and phone number. 

Unless the customer has entered their birthday, the app set it as January 1st 2019 by default making the hack easier to execute. Around 900 customers were affected, and  ¥55m ($500,000) was stolen.

Tech Monitor is hosting a roundtable in association with Intel vPro on how to integrate security into operations. For more information, visit NSMG.live.

Read more: NHS 111 cyberattack is a sign of the ‘new normal’

Topics in this article:
Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED

THANK YOU