From RETAIL to TELECOMS; a hacker’s high-profile hits

RansomHouse is a cyber extortion group that emerged in late 2021, distinguishing itself by focusing solely on data theft without deploying ransomware. Unlike traditional ransomware gangs, RansomHouse infiltrates networks, exfiltrates sensitive data, and then coerces victims into paying a ransom under the threat of public data exposure.

In June 2022, RansomHouse targeted Africa’s largest supermarket chain, Shoprite. The group claimed to have accessed customers’ personal information, including names, ID numbers, and photographs of government-issued identity documents. They threatened to auction this data on the dark web unless Shoprite met their demands.

More recently, RansomHouse states it breached Cell C’s systems in early November 2024 and exfiltrated 2TB of data; this has been corroborated by files posted on the dark web.

RansomHouse’s modus operandi involves exploiting vulnerabilities to gain unauthorised access to organisations’ systems, stealing data, and then demanding payment to prevent its public release. They position themselves as ethical hackers, criticising companies for inadequate security measures and justifying their actions as a means to highlight these deficiencies.

The group’s activities underscore the evolving nature of cyber threats, where attackers may forgo traditional ransomware encryption in favour of pure data exfiltration and extortion. This approach can be more challenging to detect and emphasises the need for robust cybersecurity measures to protect sensitive information.

________

One more thing, at Pfortner, we take communications privacy very seriously. We encrypt email, messaging and network communications to provide our clientele with uncompromised privacy.

If you need to protect sensitive communications, please see www.pfortner.co.za or send an email to info@pfortner.co.za, and we will get back to you.