Forensic research shows that data from Dutch employees of Albert Heijn and Etos has been exfiltrated by the Russian ransomware operation INC Ransom. Affected workers have expressed their concerns.
In November 2024, Ahold Delhaize, a Dutch multinational grocery conglomerate, confirmed that a security incident had taken place. We recently learned that the attackers obtained six terabytes of corporate data and threatened to publish all documents if the company refused to meet their ransom demands.
Ahold Delhaize launched an investigation into the matter. In a statement, the company confirms that “certain files” were taken from its internal United States business systems. An undisclosed number of Dutch employees have been affected by the data breach.
“Based on our ongoing review, we recently learned that certain Dutch employment data may have been contained in the affected files. Once we determined that certain Dutch employment data may have been contained in these files, we informed Dutch authorities, and are taking steps to inform affected individuals in accordance with our legal obligations,” the company states.
In a separate announcement regarding the security incident, Ahold Delhaize shares more details about who’s been affected.
“At this time, we believe that many associates who were working for Ahold Delhaize Group, Ahold Delhaize Europe & Indonesia (EBS), Albert Heijn, Etos, Gall & Gall and the Ahold Delhaize Coffee Company in the Netherlands and who were on the payroll in April 2021 may have been affected by this issue,” the food retail wholesaler says.
According to the company, there’s no evidence that Bol.com associates, or employees of franchisees of Albert Heijn, Etos, or Gall & Gal, have been affected. In addition, there’s no reason to believe that customer data from Albert Heijn, Etos, Gall & Gall, and Bol.com was impacted.
We know that INC Ransom has claimed responsibility for the breach, a ransomware operation that has been linked to Russia and threatens to release all stolen data.
In the meantime, Dutch employees of the supermarket Albert Heijn are worried that their information can be used to commit identity theft.
“We are instructed to be alert to strange phone calls or messages via email and WhatsApp,” an employee told the Dutch news outlet Algemeen Dagblad.
An internal email to employees states that names, bank account numbers, and the amount of the salary payment from April 2021 may have been involved in the breach.
Your email address will not be published. Required fields are markedmarked