Cyber incident may cost Empire supermarket chain $25 million

Canadian supermarket chain Empire Co. may have to take a charge of C$25 million to its finances for costs not covered by cyber insurance from the cyber attack it suffered last month.

The Nova Scotia company, which owns the Sobeys, IGA, FreshCo, Farm Boy and other brands, made the statement Thursday in a news release accompanying its latest quarterly financial results. It had net earnings of over C$189 million in the quarter on sales of C$7.6 billion.

Empire continues to be mum about what kind of “cyber incident” it suffered, although several media outlets, including Bleeping Computer, say it was ransomware.

Over a month later, the company is still systematically bringing information and administrative systems back online in a controlled, phased approach, the statement says.

“Empire has been able to operate its retail network with little disruption and no disruption to the supply chain,” it adds. “This cybersecurity event and the precautionary response caused some temporary problems. For example, pharmacy services were shut down for four days while some in-store services, such as self-checkouts, gift cards and redemption of Scene+ points were impacted for approximately one week. Other than this, customers would have noticed very few changes to their normal shopping experience.”

Upon discovery of the incident on Nov. 4, Empire activated its incident response and business continuity plans, the statement said, including the retention of outside experts. It isolated the source of the attack and implemented measures to prevent its further spread.

That included shutting certain IT systems “out of an abundance of caution.” During restoration efforts, the company established certain workaround processes to ensure continuity of supply, costing and retail pricing.

“The company takes the protection of personal information as critically important,” the statement also says. “The company continues to investigate this matter and, if a conclusion is reached that applicable data has been removed from the Company’s systems, the company will take all required steps with privacy regulators and impacted individuals.”

“This cybersecurity event has reinforced the importance of the investments already made in the cybersecurity area, as well as upcoming investments in the IT systems and people,” it adds. “Continuous enhancement of the company’s IT infrastructure will strengthen its defense against future such incidents.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Related Tech News

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Featured Reads