- Ransomware Gang C10P seems to have claimed its latest victim
- Sam’s Club – Walmart Wholesale Club is investigating the violation
- The violation is probably part of a previous exploitation of a CLEO file transfer vulnerability
The notorious ransomware gang C10P has sent files, it claims they belong to Walmart-owned member organization Sam’s Club. The group published a message on a dark leaking site that claimed “the company doesn’t care about its customers, it ignored their security !!!”
This is the latest developments in a previous attack from late in 2024, when a vulnerability in CLEO file transfer led to a compromise with at least two dozen organizations where C10P assumed the responsibility of stealing the information.
Researchers from Cybergenws discovered the leaked information, but were told by Sam’s Club that there is currently no evidence of a security event or intrusion, though the question is being investigated.
Ransomware -gene flare
Sam’s Club claims to have over 70 million members and over 2 million employees with locations over North and Central America.
SAM’s club customers can fill out medical prescriptions and offer health screening, which means the violation may have exposed extremely sensitive customer health information. Its suspect hackers captured the personal data of about 100,000 employees in the violation, although the extent of the compromise is not yet known.
C10P is a notorious ransomware band and has been so productive that it burns a resurgence in ransomware in 2025 and assumes responsibility for 385 attacks in the first few weeks of the year.
“The Clop Ransomware band still makes hay, while the vulnerable safe file transfer sun continues to shine for them and shake about half a billion dollars to date -a pretty staggering success story,” Matter Aldridge, Senior Principal Solutions consultant at OpentExt CyberSecurity.
“This continues an increasing trend that we see of ransomware -bands that focus on extortion based on data theft rather than purely on refused access to data using encryption.”
The group was formed in 2019 and has since been responsible for one of the largest cyberattacks in 2023 – a violation that saw the data from over 600 organizations stolen, with more than 40 million customers affected.
