Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Passport scans, confidentiality agreements, and details of sexual harassment claims have been published to the dark web by hackers, but the retailer denies the hacker’s claim.
The INC Ransom ransomware gang has listed US discount retailer Dollar Tree as a victim on its darknet leak site and is claiming to have stolen 1.2 terabytes of data.
“They became a victim of the data breach,” an INC Ransom spokesperson said in the leak post.
“1.2TB sensitive and personal data will be published soon in our blog.”
The leak post also included several documents and scan images compromised in the attack, including passports, confidentiality agreements, and details of sexual harassment claims alongside other employee data.
However, the majority of documents pertain to a similar retail chain, 99 Cents Only, which INC Ransom refers to in the body of its claim.
“Dollar Tree, Inc. (NASDAQ: DLTR) announced that it acquired designation rights for 170 leases of 99 Cents Only Stores across Arizona, California, Nevada, and Texas. The deal was completed via two transactions in May that were approved by the United States Bankruptcy Court for the District of Delaware. As part of the transactions, Dollar Tree also acquired the North American Intellectual Property of 99 Cents Only Stores and select on-site furniture, fixtures, and equipment,” it said.
In fact, the only document in the sample data that is linked to Dollar Tree is the cover of a Dollar Tree Store Associates’ Handbook.
Dollar Tree, as reported by multiple media outlets, has denied that its systems were compromised.
“The files referenced in these claims appear to involve former 99 Cents Only employees. Dollar Tree’s involvement with 99 Cents Only Stores is related to the purchase of select real estate lease rights following their closure. We did not acquire their corporate entity, systems/network, or data. Any allegation of Dollar Tree’s involvement is inaccurate,” a Dollar Tree spokesperson said.
99 Cents Only said it was closing all its stores in 2024; the company filed for Chapter 11 bankruptcy the same year. Presumably, no one bothered to secure its servers post-bankruptcy.
INC Ransom was first observed in August 2023 and has claimed attacks on a total of 394 victims since then.
The gang is known for its spear phishing tactics, which it employs to get into target networks, and for using double-extortion techniques to pressure its victims, both encrypting the data it steals and then threatening to publish that data online.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
