By Sara Orlos Fernandes, Isabel Pfannkuche and Matthias Lukaschewitsch
Threatening cyber attack on the Kaufhaus des Westens (KaDeWe): Russian cyber criminals not only hacked Germany’s most famous luxury department store, but also blackmailed it!
When asked by BZ, the Berlin police confirmed that “criminal proceedings have been initiated for attempted extortion.” The usual scam used by the hacker group “Play Ransomware”: It fishes employee and customer data, encrypts it and then demands a ransom.
If the requirement is not met, the data will be published on the Darknet, the anonymous part of the Internet. A potential danger for KaDeWe customers!
Dagmar W. (62): “I’m paying by card today. I didn’t know there was an attack. I didn’t even notice.” Photo: Ralf Günther
Cybersecurity expert Simran Mann (27) from the digital association Bitkom eV says to BZ: “The question is: Which customer data is affected? If they are email addresses, you can expect further phishing attacks. If it’s payment data, someone could also try to use it to buy things online.”
It is still unclear whether the hackers were actually able to access customer data. The police spokesman: “Due to the ongoing investigation, no further information can be provided at the moment.”
Tina K. (74) from Wilmersdorf and Karl K. (79) from Steglitz: “We ate in the restaurant and paid with our cell phone. Although nothing was explained to us about the hacker attack, we are not afraid. We asked for a receipt.” Photo: Ralf Günther
After the hacker attack on the night of Thursday to Friday, KaDeWe took various security measures. Among other things, “all of the KaDeWe Group’s IT systems were put into offline emergency mode”.
According to several customers, card payments did not work at times while shopping. On Tuesday night, the department store announced: “The emergency operation has now been lifted in the stores.”
Nevertheless, not everything was back to normal on Tuesday. Only cash payment was possible in the Israeli restaurant. Although card payments worked again in the bakery department, almost everyone preferred to use cash. The old EC devices were replaced in the toy department. An employee: “The new card devices are secure and not connected to the old system.”
The computer system at KaDeWe was attacked by Russian hackers on the night from Thursday to Friday Photo: Ralf Günther
But how could the virus get into the luxury department store in the first place? The security expert: “The most likely approach is still phishing attacks via email – for example to the administrative department with higher access rights.
In a large company, the business areas are usually isolated, so an email to a cashier wouldn’t be particularly promising.” A small click on the wrong link could now cost the luxury department store a fortune…
Staff informed customers about the cyber attack
On the night of November 2nd to 3rd, Russian hackers attacked KaDeWe. Read what BZ reporters experienced.
Saturday, November 4th, 2 p.m., 6th floor: The gourmet department is busy like every Saturday. The tables in the restaurants are well occupied, locals and tourists stroll through the food department.
The friendly salesman greets everyone at the fish counter: “Today you can only pay in cash.” Incredulous amazement. After all, the gourmet section is an expensive place and not everyone has that much cash with them. And then he adds: “Card payments have stopped throughout the whole house. We were hacked.”
Monday, November 6th, 12 p.m., 4th floor: “Unfortunately, card payments are only possible at one checkout on each floor at the moment,” says the friendly saleswoman. The waiting customers are already piling up. A colleague advises: “You can also go around the corner.”
Luxury on six floors. The luxury brand Bulgari also sells its bags at KaDeWe Photo: Getty Images
There a gentleman tries out all the debit and credit cards he owns. He has many. Doesn’t work. As impatience grows in line, the employee explains: “We had a hacker attack.” How long ago was that? “Since Thursday.” The damage is immense, she adds sadly.
Five hours later. While the entire staff is already informing customers about the cyber attack, a KaDeWe spokeswoman lies to BZ: “We have had internet problems since Saturday, that’s true. Unfortunately, I don’t have any information about why that is.”
It wasn’t until the night from Monday to Tuesday that management came out with the truth.