A notorious ransomware group dubbed DragonForce has claimed responsibility for a series of cyber attacks targeting major UK retailers, with Co-op now confirming a significant data breach affecting its membership database. In response to these incidents, Cabinet Office Minister Pat McFadden will deliver a keynote speech at the CyberUK conference emphasizing that “companies must treat cyber security as an absolute priority”. As DragonForce continues to operate its ransomware-as-a-service model, security experts warn that similar attacks are likely to increase, particularly against organizations with valuable customer databases and potentially vulnerable IT infrastructure. “This data includes Co-op Group members’ personal data such as names and contact details, and does not include members’ passwords, bank or credit card details, transactions or information,” Co-op clarified in its statement. The ransomware group operates a “cartel” model, recruiting affiliate hackers who receive 80% of any ransom payments while DragonForce provides the infrastructure, leak site, and payment negotiation services. DragonForce affiliates typically employ a technique called “Bring Your Own Vulnerable Driver” (BYOVD) to disable security software by loading legitimate but vulnerable kernel drivers. However, the DragonForce ransomware group contacted the BBC with evidence of the breach, sharing databases containing membership card numbers, names, addresses, emails, and phone numbers of customers. Co-op is currently working with the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA) to investigate the breach. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Kaaviya is a Security Editor and fellow reporter with Cyber Security News.
This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 05 May 2025 14:55:16 +0000