View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
December 6, 2022

Intersport cyberattack sees data posted on Hive victim blog

Information apparently stolen from the sports retailer has been posted to the dark web following an attack last month.

By Claudia Glover

Data allegedly belonging to international sports retailer Intersport has been posted onto the dark web blog of prolific Ransomware gang Hive.

Hive ransomware gang appears to be posting Intersport’s data onto its victim blog, following a cyberattack over Black Friday. (Photo by Michael715/Shutterstock)

It follows a cyberattack in November which took place during Black Friday week. The alleged stolen information appeared on the blog last night.

Founded in France, but now headquartered in Switzerland, Intersport has 5,800 stores worldwide in 65 countries, including 270 in the UK and Ireland.

Has Intersport suffered a cyberattack?

Screen grabs of the blog show that the gang are claiming to have hacked the sportswear company at 16:03 on 23 November. The data was posted to the dark web yesterday, which would suggest that the company has not paid a ransom following the attack. However, no details of any ransom demand have been revealed, and it is not clear if the breach affects the company’s systems outside of France.

Intersport has confirmed it suffered an attack, according to local media reports, with customers informed in-store by a note saying: “We are currently facing a cyberattack on Intersport’s servers which is preventing us from access to our cash registers, the loyalty card service and the gift card service.” The issues continued for several days, with staff unable to access cash registers. 

“We are working with manual checkouts, we have to note everything by hand to ensure that stocks follow, which sometimes causes a bit of a delay,” an Intersport store manager told La Voix du Nord.

Tech Monitor has contacted the company for further detail but it has not returned our request at the time of writing. 

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Intersport was the victim of another cyberattack in 2020. According to cybersecurity company ESET, the company was targeted by a Magecart campaign.

Shoppers using the company’s website in Croatia, Serbia, Slovenia and Montenegro were the victim of a skimming attack, where the victim is taken to a bogus website after they click “submit” to redeem their purchase, where they are lured into paying the wrong person.

Hive creating more buzz with its ransomware

Ransomware-as-a-Service gang Hive has been ramping up its activity throughout this year. “As of November 2022, Hive ransomware actors have victimised over 1,300 companies worldwide, receiving approximately $100m in ransom payments,” stated an FBI advisory last month.

The main targets of the gang are normally the health and education sectors, but they have been happy to branch out into other sectors, with an attack launched on the gas giant PGN earlier this year.

The FBI says Hive is garnering access to victim networks by using single-factor logins via remote desktop protocol and virtual private networks. Criminals using Hive ransomware have also bypassed multi-factor authentication and exploited common vulnerabilities in systems such as the Microsoft Exchange Server email platform to gain access to systems

Read more: Cambridge Water customers informed of data breach three months after cyberattack

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.