Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Career Intelligence
    • Cyber Tactics
    • Cybersecurity Education & Training
    • Leadership & Management
    • Security Talk
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Interactive Spotlight
    • Photo Galleries
    • Podcasts
    • Polls
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireCybersecurity News

Kmart suffers cyberattack by the Egregor ransomware operation

By Maria Henriquez
hacking cyber
December 7, 2020

Department store chain Kmart has suffered a cyberattack by the Egregor ransomware operation, resulting in the encryption of devices and servers connected to the company’s networks.

According to Bleeping Computer, online stores continue to operate, but the 'Transformco Human Resources Site,' 88sears.com, is currently offline, leading employees to believe the outage is caused by the recent ransomware attack.

Sean Gallagher, senior threat researcher at Sophos, says, “Ransomware operators are going to target retailers during the holiday season because that’s where the money is—retailers can’t afford to lose business this year, and are more likely to quickly pay, in the minds of cybercriminals."

Gallagher explains, "Egregor is a Ransomware as a Service – we’ve seen multiple actors deploying it, using a variety of tactics. It is essentially a rebranded and slightly modified version of the Sekhmet ransomware we saw emerge earlier this year, packaged for affiliates. Egregor’s tactics are similar to that of Maze and REvil, in that data is stolen before files are encrypted to be used to extort a quick payment from victims—generally, victims are only given 3 days to pay before the Egregor gang publishes part of the data or, they claim, sells it on criminal marketplaces.”

Bleeping Computer notes that it is unknown if attackers stole data, how many devices were encrypted, or the exact amount of money that was demanded by the attackers. Recent victims attacked by Egregor include Cencosud, Crytek, Ubisoft, and Barnes and Noble, reports Bleeping Computer. 

Tyler Reese, Senior Product Manager at One Identity, says that it’s important for companies to know that even if they pay the ransom, which they shouldn’t, it doesn’t mean they’ll get the information back.

Reese explains, "Hackers have been increasingly turning to ransomware-as-a-service, which means that the attacker may not have the ability to release the information allowing it to be available on the dark web forever. Instead of paying the ransom, organizations should look towards malware removal or executing a recovery plan. However, malware removal isn’t always possible and a recovery plan could cause more downtime than an organization simply can afford. The only option to avoid paying the ransom would be to prevent the attack altogether by having the right security measures in place."

He adds, "The first step of an effective security strategy is to know your enemy. Ransomware attacks find their way around internet security suites, commonly through phishing, to gain access to privileged credentials. Organizations are able to combat this by protecting their data with a strong privileged access management (PAM) strategy. PAM strategies protect companies’ data even if hackers are able to successfully execute a phishing attack by leveraging password vaults, monitoring and recording privileged sessions, using behavioral biometrics and following the principle of least privilege.”

 

KEYWORDS: cyber security hackers retail security

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Maria Henriquez is a former Associate Editor of Security. She covered topics including cybersecurity and physical security, risk management and more.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Cyber tech background

    Security’s Top Cybersecurity Leaders 2026

    Security magazine’s Top Cybersecurity Leaders 2026 award...
    Security Leadership and Management
  • Iintegration and use of emerging tools

    Future Proof Your Security Career with AI Skills

    AI’s evolution demands security leaders master...
    Security Leadership and Management
    By: Jerry J. Brennan and Joanne R. Pollock
  • The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report surveys enterprise...
    The Security Benchmark Report
    By: Rachelle Blair-Frasier
Manage My Account
  • Security Newsletter
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

Hand reaching up out of the ocean

What I Learned About Burnout the Hard Way (and How to Actually Fix it)

Broken wet floor sign

Why Response Time Is Becoming the Missing Metric in Workplace Safety and Security

Paparazzi

When Private Events Become Public Infrastructure: What Celebrity OSINT Teaches Security Leaders

Cyber Tactics

AIBOMs: Bringing AI Security Out of the Shadows, A Practical Guide for Security Professionals

Medical professional

Nearly 85% of Nurses Experienced Workplace Violence in the Last Year

Kaseware sponsored webinar
Schneider Electric sponsored webinar

Events

August 25, 2026

Critical Infrastructure Security Is National Security: Protecting Essential Operations in an Era of Escalating Risk

LIVE: August 25, 2026 at 2 PM EDT Learn why critical infrastructure security has become a national security imperative, and the strategies organizations can adopt to improve visibility, collaboration, and response across their security operations.

August 27, 2026

Leveraging AI & Mobility to Advance Your Security Domain

LIVE: August 27, 2026 at 2 PM EDT Explore how AI-driven cloud security solutions can elevate your security domain enhancing threat detection, streamlining operations, and delivering the resilience modern organizations demand.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products


Alertmedia sponsored webinar

Related Articles

  • kitchen-freepik1170x658.jpg

    Meyer suffers cyberattack by Conti ransomware

    See More
  • ransomware-attack freepik

    6 Clop ransomware operation suspects arrested in Ukraine

    See More
  • telecom-security-freepik1170x658v90.jpg

    Ukraine's national telecoms operator suffers cyberattack

    See More

Related Products

See More Products
  • The Database Hacker's Handboo

  • Risk Analysis and the Security Survey, 4th Edition

  • Physical Security and Safety: A Field Guide for the Practitioner

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • Newsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing