BleepingComputer reports that Walmart has dismissed that it was attacked by the Yanluowang ransomware operation after the group claimed on its data leak site that it had breached the retailer's Windows domain, encrypting 40,000 to 50,000 devices in the process.
"We believe this claim is inaccurate and are not aware of a successful attack in this regard on our devices," said a Walmart spokesperson in a statement, which also noted that its systems are being monitored around the clock by its information security team.
However, Yanluowang insists that it was able to infiltrate Walmart's systems last month and while the attack did not involve any data theft, it asked for a $55 million ransom from Walmart, to which the retailer did not respond.
Several files claimed to be associated with the attack on Walmart have been posted on Yanluowang's data leak site, including a domain user list, security certificate, and kerberoasting attack output. Walmart has yet to comment on the legitimacy of the leaked files.
BleepingComputer reports vulnerable ConnectWise ScreenConnect servers impacted by the CVE-2024-1708 and CVE-2024-1709 flaws were observed by Sophos X-Ops researchers to have been subjected to numerous LockBit ransomware attacks since Feb. 21 .