Shoe retailer Aldo says LockBit posting is related to system at franchise partner

Billion-dollar shoe seller Aldo said a recent claim by a notorious ransomware gang was related to one of the company’s franchise partners.

On Wednesday morning, the LockBit ransomware gang claimed it attacked the company, giving it until December 25 to pay a ransom in exchange for an undisclosed amount of stolen data. The gang did not say what data was stolen or how much was.

A spokesperson for Aldo told Recorded Future News that the posting involved the systems of an unspecified franchise partner. Aldo stores in the U.S., U.K., Canada and Ireland are owned directly by Aldo Group while all others are franchises.

The spokesperson claimed the attack was “quickly contained without impact on their operations.”

“No Aldo Group owned or operated systems were affected by this incident. As of today, following a thorough investigation, our partner has confirmed that the affected data is limited to information pertaining to their operations in a specific overseas territory,” they said.

“The affected data does not contain any Aldo customer financial or payment card information, as they do not store data of that nature. We are assured that our partner is handling this isolated incident competently and diligently.”

The Canadian company has almost 3,000 stores across 100 countries and more than $1.7 billion in annual sales.

Also added that it often promotes the “implementation of additional robust cybersecurity measures” and supports their partners in “protecting the privacy of their customers’ personal information and the integrity of their systems.”

Retailers like Aldo have long been targets of ransomware gangs eager to sell stolen personal data collected by stores and rake in lucrative ransoms from businesses that cannot afford to close for long periods of time.

More than 300 organizations in the retail industry said they were hit with ransomware attacks in 2021, according to a survey conducted by security company Sophos last year.

Over the years, apparel retailers like Shein, Forever 21, Lojas Renner and WH Smith have faced prominent attacks.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.