Naivas has been hacked? Here are all the details you need to know

Was Popular Kenyan Supermarket Naivas Hacked. This was discovered few days ago by cybersecurity engineer Mike Oduor. Below are the details

Naivas has been listed among the organization hacked in the dark web. Naivas supermarket has appeared on ALPHV/BlackCAT dark web leak site.Seems they exploited vulnerability of the supermarket and are now selling customer data or may use for money laundering, those who have shared their personal information or those who swipe their debit or credit cards should beware.

Check below post made by Palpatine who is a security researcher and ethical hacker.

Maguys🤗Naivas wamenyuria🤣

Naivas has appeared on ALPHV/BlackCAT dark web leak site. Be4 we start..

1. @Known_Mike found this first
2. No data published yet but kuna samples of PoC
3. Data spans from 2021 – Financials, customers & partners pesonal info, credit cards …etc

Budgets, costs, invoices, cheques with names and signatures & bank accounts💰💵💵….Most of this stuff zinamention capital center na Mwembe….

Budgets, costs, invoices, cheques with names and signatures & bank accounts💰💵💵….Most of this stuff zinamention capital center na Mwembe….

Hear are some details shared incase you want to do a BEC scam😤 on Naivas….FOR EDUCATIONAL & RESEARCH PURPOSES ONLY!! 😜

Remember 💭those details i told y’all up there — personal details — Names. emails, phone numbers, IDs — THEY ARE SOOOOO MANY!!!!😰😱

Alafu Kamushenee kadogo😜 — kuna employee alipigwa ngeta pale Meru akitoka Equity bank headed to job in Naivas greenwood park at 6.00AM New years Eve last year🤭 …woi..😰

This happened jana as u can see the date Apr 21🧐

👉 ALPHV have promised to use the customer and partners personal info to conduct money laundering and criminal activities –😰

👉 ALPHV states Naivas is the most insecure online retailers in AFRICA –😅

Have y’all a good day🤗

Below are some of Kenyan’s reactions

The Connect: I’m not quite sure of the date but early March hapo naivas systems were down country wide. I don’t know if that could been in any relation to this happening.

r00tsploiter:Am worried of the customer financial data after these documents come online.

BlackCat being a known ransomeware group, Will naivas pay the ransom?
And if they do, how do they know that the ransomeware group wont double dip and try to make bank with the data?

K4RTEL: database, 😂👨🏾‍💻💰.Their ignorance is your power

Kakarot: Ndo maana people should never use their credit cards while shopping

Wesley Kibande:Most companies invest in other aspects of IT like software developers, networking, etc, but forget hiring a cyber security expert.

Muchesia Wallace:Sensitive data of @naivas_kenya is in the wrong hands and they are yet to officially communicate the issue to the public.

Isaac Mandela: Wueh! Hapa card details zikipatikana kwisha watu wa swiping.

✨sans-soucis✨:Reason 100 of why giving your data to supermarkets in the name of reward points is a gamble

Oti: Damn this is why you never use your main card for online purchases. Get a digital card or a separate debit card so that if that gets compromised you have reduced risk of losing your money.

Hozey: wololo a gold mine for a hacker, personal details are juicy

Juma G:Wait! Can this be the reason why @naivas_kenya has been having “system collapse” of late? I can also see credit card info of customers… Does that mean that Naivas has been storing our details every time we shop? Seems all those with Naivas cards have their info in the open..