Ransomware attack disrupted store operations in the Netherlands and Germany

Electronics retail giant MediaMarkt was hit by a ransomware attack that disrupted store operations in the Netherlands and Germany.

Electronics retail giant MediaMarkt was a victim of a ransomware attack that forced the company to shut down its IT infrastructure to contain the threat and disrupted store operations in the Netherlands and Germany.

Media Markt is a German multinational chain of stores selling consumer electronics with over 1000 stores in Europe.

MediaMarkt operates in 13 countries and employs approximately 53,000 employees and has a total sales of approximately €21 billion.

The attack took place over the weekend, the personnel at the stores was not able to accept credit card payments or print receipts. The sales online were not affected by the security incident.

“The cash registers can only scan and accept physical products from the stores. The stores will remain open, but can only sell products that are physically in the store. It is not possible to collect or return the products due to the cyber attack. Customers may also have to wait a while for an ordered package, because products can no longer be sent from the stores.” reported the local outlet RTLNieuws.

The company told employees that computers in the stores can no longer be used and asked them to disconnect cash registers from the network and do not restart systems.

Bleeping Computer, citing screenshots posted on Twitter, reported that 3,100 servers were infected with the ransomware.

The company launched an investigation into the incident, at the time of this writing it is not clear which is the ransomware family that hit the company.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini
International Editor-in-Chief
Cyber Defense Magazine