Magnolia

The Magnolia chain has 160 stores in Moscow and the Moscow region.

The Magnolia network uses the centralized architecture of the GESTORI Pro system, therefore, when the POS-FIT-FR cash system was integrated with the Svyaznoy-Club bonus system, Magnolia already had stable communication channels that combine the chain's stores with the company's central office. Thanks to this circumstance, as well as the presence of FIT's own team of highly qualified cash software developers, the integration of a large number of chain stores with the CFT processing center was carried out as soon as possible.

Since 2006, the Magnolia network has been using the DiAna: Digital Analytics Pro decision support system.

The Magnolia supermarket chain became the first domestic retail operator to introduce self-checkout. It is also noteworthy that Magnolia was the first to use self-checkout cash desks in the "shop at home" format in Russia. On July 9 and 10, SCO launches took place in the first two supermarkets of the chain in Moscow at the addresses: Bolshaya Fakelny Lane, 2/22 and Pokrovka Street, 43.

History

2024: Customer Data Breach

In the online store of the Magnolia supermarket chain, two customer data leaks occurred with an interval of several days. The first leak, affecting 252 thousand unique records, was revealed on June 24, 2024, the second, containing more than 256 thousand records, on July 2, 2024.

According to the Telegram Information Leaks channel, owned by the company, in DLBI both cases hackers gained access to database dumps. The arrays contain full names, delivery addresses, phone numbers, emails, order lines, hashed passwords and coupons for discounts of Magnolia customers.

According to ComNews, Roskomnadzor is checking information about a possible leak of Magnolia customer data. As of 16:00 on July 2, 2024, there were no notifications of leaks from the company to the department.

According to Infosecurity analyst Maxim Gryazev, hackers often return to already attacked systems if they know that the vulnerabilities have not been completely fixed.

According to a report by cybersecurity think tank Gazinformservice, the consequences for those affected by the leaks include getting into fraudulent databases, spreading personal information and the risk of compromising credentials. For companies, the main risks are related to the loss of reputation and possible lawsuits.

Experts point to systemic problems in the retail industry. Irina Zinovkina, head of analytical research at Positive Technologies, notes that in the incomplete first half of 2024, 80% of successful attacks on retail ended in leakage of confidential information.

Experts at the cybersecurity think tank emphasize the need to improve the culture of data handling in retail and the importance of investing in cybersecurity to protect customer and business information.^[1]

Notes