NCR Corp, a PoS and ATM technology retailer has been struck by a ransomware attack causing outages to some of its services.
NCR added that the incident was limited to the specific functions of its Aloha cloud-based services and its Counterpoint product. No customer systems or network were involved, nor did the ransomware attack affect the company’s ATM, digital banking, payments, or other retail products.
Though the attacker details not revealed, it is reported that the BlackCat/ALPHV ransomware gang has claimed responsibility for the attack. However, in an interesting twist, the ransomware gang claims not to have stolen data but credentials that it’s using as leverage to receive a ransom payment.
Here in this case, it appears on April 13 in a single data center that DFW (assuming Dallas Fort Worth) data center is the core of the attack. However, since that serves many POS systems in the hospitality industry, the impact is widespread.
BlackCat/ALPHV has also been linked to a ransomware attack on Western Digital Corp. last week. However, neither the Western Digital attack nor the NCR one is listed on the group’s dark web hacking site as of the time of writing.