RansomHouse, a ransomware gang, has claimed responsibility for the cyberattack on Shoprite, Africa’s largest retailer.
The attack, which Shoprite confirmed a week ago, compromised customer data in Eswatini, Namibia and Zambia, the company said. Shoprite said the data breach “included names and ID numbers but no financial information or bank account numbers.”
In messages posted on RansomHouse’s Telegram channel and seen by TechCrunch, the gang, which is said to be targeting companies with weak security, claimed to have obtained 600 gigabytes of data from Shoprite. It said to have collected personal data that was “in plain text/raw photos packed in archived files, completely unprotected.”
Costa Rica’s public health system hit by Hive ransomware following Conti attacks
The group also claimed to have contacted Shoprite’s management for negotiations and hinted that it will sell the data and make some of it public if the talks failed.
TechCrunch reached out to Shoprite to confirm if RansomHouse had made contact with them, and to get more details including the number of customers affected by the attack, but the retailer declined to comment while referring us to this statement they posted following the incident.
Join 10k+ tech and VC leaders for growth and connections at Disrupt 2025
Netflix, Box, a16z, ElevenLabs, Wayve, Hugging Face, Elad Gil, Vinod Khosla — just some of the 250+ heavy hitters leading 200+ sessions designed to deliver the insights that fuel startup growth and sharpen your edge. Don’t miss the 20th anniversary of TechCrunch, and a chance to learn from the top voices in tech. Grab your ticket before doors open to save up to $444.
Join 10k+ tech and VC leaders for growth and connections at Disrupt 2025
Netflix, Box, a16z, ElevenLabs, Wayve, Hugging Face, Elad Gil, Vinod Khosla — just some of the 250+ heavy hitters leading 200+ sessions designed to deliver the insights that fuel startup growth and sharpen your edge. Don’t miss a chance to learn from the top voices in tech. Grab your ticket before doors open to save up to $444.
In the statement, the retailer said investigations were ongoing and that it had notified the information regulator at its headquarters in South Africa (SA).
“An investigation was immediately launched with forensic experts and other data security professionals to establish the origin, nature and scope of this incident,” said Shoprite.
“Additional security measures to protect against further data loss were implemented by amending authentication processes and fraud prevention and detection strategies to protect customer data. Access to affected areas of the network has also been locked down,” it said.
The group urged affected customers to take precautionary measures while saying that it had not noted any misuse or publication of the data.
“The Group (Shoprite) is not aware of any misuse or publication of customer data that may have been acquired, however, web monitoring relating to the incident continues … there is a possibility that the impacted customer data may be used by the unauthorized party,” it said.
Shoprite is Africa’s largest chain retailer with 2,933 stores as of February this year. Its brands include Shoprite, Usave, LiquorShop, Checkers, Checkers Hyper and House & Home. The retailer has a strong financial performance with its operating profit rising last year by 19% (in the financial year ended July 4) to 9.7 billion rand ($681 million).
Foxconn confirms ransomware attack disrupted operations at Mexico factory
FBI seizes notorious marketplace for selling millions of stolen SSNs
