“Naivas took immediate steps to prevent external access and engaged leading cybersecurity experts CrowdStrike to ensure system integrity,” said Kimani.
“This process is complete and our systems are secure. We are cooperating with the relevant law enforcement agencies, as they investigate this and the many current ransomware attacks in Kenya,” he added.
Naivas customers can however worry less about the security of their data since the supermarket does not store their information in their systems but the hackers threatened to leak data online in future.
Naivas also confirmed that payments made on its systems are safe and secure and are protected by Secure Sockets Layer (SSL) encryption.
“At this moment, we are not aware of any malicious use of stolen data. However, it is recommended in the face of this type of situation to pay particular attention to any phishing attempts (by phone, SMS or email) as well as to the sufficient security of passwords. We take the protection of personal information very seriously. Please accept our deepest apologies for the worry and inconvenience that this criminal activity may cause,” Kimani further stated.
In the meantime, the supermarket in conjunction with security agencies are monitoring any possible leak of data.
“We and law enforcement agencies are monitoring this closely. Naivas has also informed the office of the Data Protection Commissioner Kenya of this incident,” Kimani further said.