Staff became aware of the breach when their internal employee portal 88sears failed to load due to a server error.
Egregor has claimed responsibility for the attack in their ransom note. The cybercriminal group adopts a double-extortion model to successfully convince victims to pay their ransom price. Breached sensitive data is continuously published onto the dark web and exposed to other criminals on the network. This process does not stop until the ransom price is paid.
Kmart is yet to confirm the details of the breached data.
This event is particularly troublesome to the already struggling retailer on the cusp of a busy spending season.