Cyber criminals hit Courts online platform

(Trinidad Guardian) The Unicomer Group yesterday confirmed that there was a cyberattack against Courts, one of its subsidiaries.

 

Public relations officer Shahad Ali said the breach occurred months ago and customers were informed.

 

“We are aware of the breach, having notified our customers about the same in September 2023. We are continuing our investigations,” he said.

 

Hours later, Unicomer said in a statement that the data breach occurred on its old e-commerce platform, www.shopcourts.com. The retail giant said it acted immediately, informed customers of the attack and the website was replaced.

 

“In September 2023, we replaced our e-commerce platform with a new one, www.courts.com, that enforces the measures and strengthens our security levels accordingly, to have a secure platform without any data breach,” the company said.

 

Unicomer told customers that none of their payment methods or password information was exposed in the incident. Customers who shopped in-store were not affected.

 

On Saturday, cyber security contractor, Gavin Dennis, posted via X (formerly Twitter) that hackers allegedly infiltrated the Shop Courts website and stole data on up to 200,000 orders. The information reportedly included customers’ names, addresses, phone numbers, account passwords, purchasing data, billing addresses, shipping addresses, payment methods and more.

 

Dennis also claimed that some of the data was leaked showing records of customer purchases made between 2013 to 2023.

 

Several Caribbean countries were affected, including Jamaica, Belize, St Lucia and Barbados.

 

Commenting on this latest incident, the manager of the T&T Cyber Security Incident Response Team (TT-CSIRT), Angus Smith said such incidents can happen again.

 

“I think we would see more cases like this, instances of cyber attacks in essence because as I said, the threat actors always are trying to see where they could penetrate different entities. So, I think that will be something that will continue to happen,” Smith said.

 

He said there are measures organisations can take to protect themselves, including hardening their infrastructure, updating software and configurations and managing their passwords as well as administrative access to their systems.

 

Smith warned companies and individuals against paying ransoms to cyber criminals who demand payment for not releasing sensitive data, though he admitted it’s something that ought to be assessed on a case-by-case basis.

 

“There’s no guarantee that if you pay a ransom you will be able to get back your information and avoid it being published on the dark web. So, generally, we at the TT-CSIRT, recommend that you don’t pay,” he said.

 

The T&T Chamber of Industry and Commerce has expressed concern about the prevalence of cyberattacks and wants business owners and the public to be vigilant

 

“We are hearing that so many companies in Trinidad have been affected and it is really alarming. All I can really recommend at this point in time is really to make sure you have adequate protections. Make sure that your anti-virus and preventative measures are updated frequently,” said CEO Stephen de Gannes.

 

Contacted for comment, T&T Police Service (TTPS) public information officer Michelle Lewis said the police had not received any reports of a cyber attack at Courts.

 

Last month there was a data breach at TSTT in which 6 GB of data was stolen and sold on the dark web, including information on Prime Minister Dr Keith Rowley.