WineLab, the retail retailer of the biggest alcohol firm in Russia, has closed its shops following a cyberattack that’s impacting its operations and inflicting buy issues to its clients.
Its mum or dad firm, Novabev Group, knowledgeable earlier this week that hackers had breached its IT methods.
“On July 14, the group was subjected to an unprecedented cyberattack—a large-scale and coordinated operation carried out by hackers,” the corporate stated.
“Because of the incident, components of the IT infrastructure had been quickly disrupted, affecting the supply of sure companies and instruments utilized by the group and the WineLab chain.”
Novabev additionally states that the attackers requested a ransom fee however the firm declined to interact and says it gained’t adjust to the calls for.
A ransom demand usually signifies that the risk actor stole information from the corporate community or encrypted methods, however Novabev Group didn’t present further particulars.
As the corporate’s IT group works across the clock to resolve the issues created by the cyberattack, the web site stays offline as of publishing, and purchases through the cell app are more likely to be impacted too.
Supply: BleepingComputer
Novabev produces and distributes varied alcohol manufacturers for rum, vodka, bitter, brandy, gin, tequila, and vermouth, probably the most well-known of them being Beluga.
Russia’s largest liquor retailer
WineLab (VinLab in Russian) is without doubt one of the largest alcohol specialty retail chains in Russia, with 1000’s of bodily shops and a big presence on-line. As of June 2025, the corporate reported working not less than 1,800 areas throughout the nation. In April, Interfax reported that WineLab expanded its community by 23% in 2023, operating 2,041 shops.
The retail retailer is so large in Russia that the cyberattack on its methods is mentioned even on hacker boards, saying that the web supply system didn’t work.
In response to reviews from nationwide media, WineLab shops have additionally been closed since Monday, July 14, the day the corporate’s web site additionally shut down.
Novabev states that it has no proof that buyer private information was affected, though the investigation remains to be ongoing. Presently, no ransomware teams have claimed the assault.
Most main ransomware teams originating from Russia keep away from focusing on entities primarily based within the nation and within the CIS area. Nevertheless, this rule is getting ignored increasingly more. Some examples are lower-tier RaaS operations, the NB65 actors utilizing leaked Conti code, and the OldGremlin risk group.
Organizations in Russia are additionally a goal for risk actors exterior the nation. As an illustration, in Could 2022, Ukrainian hacktivists attacked a key alcohol distribution system in Russia referred to as EGAIS (ЕГАИС), which, after a number of days, led to precise product shortages on the cabinets of retail outlets throughout the nation.
Comprise rising threats in actual time – earlier than they affect your online business.
Find out how cloud detection and response (CDR) provides safety groups the sting they want on this sensible, no-nonsense information.
