store says customer data has not been leaked

Lojas Renner said on Monday that there is so far no evidence of leaking of information or personal data, in any of its businesses, after a cyber attack suffered by the company on the 19th.

The retailer said that the operations of the distribution centers and back office were restored in the last week. E-commerce operations on websites and applications had resumed on the 21st and 22nd.

The company added that it maintains the work of investigating, documenting and investigating what happened.

The company has not confirmed whether the attack was a ransomware-type intrusion — which hijacks access to system data by encrypting it. In this type of scam, criminals often promise to release the system after paying a ransom.

The image circulates on social networks and websites of what would be a request for money from those responsible for the criminal action in exchange for Renner’s encrypted systems. The amount requested could reach US$ 1 billion (about R$ 5.4 billion, in direct conversion), to be paid in cryptocurrencies. The company did not confirm the information.

What is ransomware and how does it work?

Ransomware is often used to allow cybercriminals to remotely access a victim’s computer and encrypt their files—that is, put in a layer of protection that scrambles the data.

When a person tries to access a folder on their computer, for example, a warning usually appears saying that their files have been “hijacked”.

Data will only be returned after payment of ransom, usually made in cryptocurrencies, which makes it almost impossible to identify who was responsible for the attack.

There are also ransomware that encrypt the victim’s entire hard drive. In this case, the message appears when the computer is turned on, before the operating system starts up.

The promise to release access to the device also occurs after payment. Security and technology experts often advise victims not to pay for the ransom.

This year, large companies such as JBS, the world giant in the meat sector, and Colonial Pipeline, the largest US pipeline network, were targets of this type of action. The damage was so great that JBS decided to pay US$ 11 million not to have its sensitive information leaked. The Colonial Pipeline group admitted paying hackers $4.4 million.

*With reporting by Paula Arend Laier (Reuters) and Renata Baptista.