RansomHouse, a ransomware gang, has claimed responsibility for the cyberattack on Shoprite, Africa’s largest retailer.

The attack, which Shoprite confirmed a week ago, compromised customer data in Eswatini, Namibia and Zambia, the company said. Shoprite said the data breach “included names and ID numbers, but no financial information or bank account numbers.”

In messages posted on RansomHouse's Telegram channel and seen by TechCrunch, the gang, which is said to be targeting companies with weak security, claimed to have obtained 600 gigabytes of data from Shoprite. It said to have collected personal data that was “in plain text/raw photos packed in archived files, completely unprotected.”

The group also claimed to have contacted Shoprite’s management for negotiations, and hinted that it will sell the data and make some of it public if the talks failed.

TechCrunch reached out to Shoprite to confirm if RansomHouse had made contact with them, and to get more details including the number of customers affected by the attack, but the retailer declined to comment while referring us to this statement they posted following the incident.

In the statement, the retailer said investigations were ongoing and that it had notified the information regulator at its headquarters in South Africa (SA).

“An investigation was immediately launched with forensic experts and other data security professionals to establish the origin, nature, and scope of this incident,” said Shoprite.

“Additional security measures to protect against further data loss were implemented by amending authentication processes and fraud prevention and detection strategies to protect customer data. Access to affected areas of the network has also been locked down,” it said.

The group urged affected customers to take precautionary measures while saying that it had not noted any misuse or publication of the data.