Activewear retailer In Sport had its head office server and computers ransomwared in May, as cyber crime during COVID-19 escalates.
In a letter to customers, it revealed the attack was detected on May 16 but it was unknown what files hackers accessed.
On discovering the virus, In Sport immediately took its head office system offline.
In Sport’s online systems were unaffected and retail sites continued to trade as each operated an independent system.
The company also revealed it did not store passwords or credit card information.
According to ITWire, a limited set of data from the company has been published on the dark web by the attackers.
The fact that data from has been put online indicates that the company has not responded to the initial ransom demand from the attackers, according to the report.
In Sport brought in external IT and security specialists to isolate and rebuild its head office system.
While it was able to restore its systems from backup, the retailer was uncertain what files the virus has accessed and urged customers to be on alert for unusual emails or activity around their personal information.
“The information that may be taken includes email addresses, shipping address, and phone numbers,” it said in its email to customers.
Since March 2020, the ACCC has recorded a rise in the number of cyber crime incidents in Australia.