Menu
On Saturday 15th of April 2023, the American software and technology consulting company NCR disclosed that they had suffered an outage since Wednesday at their data centers after being hit by a ransomware attack. The outage resulted in its Aloha point of sale platform being unavailable for its customers to utilize the system.
NCR stated that they launched an investigation immediately upon discovering the cause of the outage whilst also contacting customers and engaging third-party cybersecurity experts to help with the investigation.
NCR has not yet disclosed which ransomware operation was behind their attack, although the cybersecurity researcher Dominic Alivieri reported that the BlackCat (aka ALPHV) ransomware group had released a short-lived post on their data leak site where the threat actors claimed responsibility. The post included a snippet of the negotiation chat conversation between an alleged NCR representative and the ransomware gang. According to the chat snippet, the threat actor claimed to have not stolen any data stored on servers during the attack but had stolen credentials for NCR’s customers and stated that they would be published if a ransom was not paid.
NCSC Threat Reports Feed© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.
