SGC
Company Details
Linkedin ID:
shopritegroup
Employees number:
28,242
Number of followers:
395,351
NAICS:
43
Industry Type:
Homepage:
shopriteholdings.co.za
IP Addresses:
0
Company ID:
THE_2378372
Scan Status:
In-progress
The Shoprite Group of Companies Company CyberSecurity Posture
shopriteholdings.co.za
The Shoprite Group is the largest retailer in Africa, known for its iconic supermarket brands Shoprite, Checkers and Usave. Starting with just eight stores and 400 employees in 1979, our business is now the continent’s industry leader by market capitalisation, sales, profit, and number of employees and customers. The Group’s core business is food retailing, complemented by value-added retail services and offering across a range of industries including technology, financial, pharmaceutical, furniture, telecommunication as well as ticketing businesses. The Group’s almost 161 000 employees are constantly finding solutions, driving innovation and technological advancements to reshape the retail industry. With the use of data science and artificial intelligence, our diverse mix of talent has transformed the retail landscape from traditional brick-and-mortar shops to multi-channel platforms where customers can experience frictionless and more personalised shopping. In addition to our commercial ventures, the Group is committed to sustainability and being a responsible citizen. The Group’s extensive sustainability initiatives reduce the environmental impact of our operations, improve the lives of the communities we operate in and help develop small suppliers. Since our inception, our purpose has always been to uplift lives every day by pioneering access to the most affordable goods and services, creating economic opportunity and protecting our planet. Join the leaders in retail innovation.
The Shoprite Group of Companies A.I CyberSecurity Scoring
SGC Risk Score (AI oriented)Between 750 and 799
SGC
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
SGC Global Score (TPRM)XXXX
SGC
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
SGC Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
The Shoprite Group of Companies
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Shoprite Group suffered a data breach incident that compromised names and ID numbers, of some of its customers who engaged in money transfers to and within Eswatini and within Namibia and Zambia. They immediately launched an investigation with forensic experts and other data security professionals to establish the origin, nature, and scope of this incident and took additional security measures to protect against further data loss.
SGC Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for SGC
Incidents vs Retail Industry Average (This Year)
No incidents recorded for The Shoprite Group of Companies in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for The Shoprite Group of Companies in 2025.
Incident Types SGC vs Retail Industry Avg (This Year)
No incidents recorded for The Shoprite Group of Companies in 2025.
Incident History — SGC (X = Date, Y = Severity)
SGC cyber incidents detection timeline including parent company and subsidiaries
SGC Company Subsidiaries
The Shoprite Group is the largest retailer in Africa, known for its iconic supermarket brands Shoprite, Checkers and Usave. Starting with just eight stores and 400 employees in 1979, our business is now the continent’s industry leader by market capitalisation, sales, profit, and number of employees and customers. The Group’s core business is food retailing, complemented by value-added retail services and offering across a range of industries including technology, financial, pharmaceutical, furniture, telecommunication as well as ticketing businesses. The Group’s almost 161 000 employees are constantly finding solutions, driving innovation and technological advancements to reshape the retail industry. With the use of data science and artificial intelligence, our diverse mix of talent has transformed the retail landscape from traditional brick-and-mortar shops to multi-channel platforms where customers can experience frictionless and more personalised shopping. In addition to our commercial ventures, the Group is committed to sustainability and being a responsible citizen. The Group’s extensive sustainability initiatives reduce the environmental impact of our operations, improve the lives of the communities we operate in and help develop small suppliers. Since our inception, our purpose has always been to uplift lives every day by pioneering access to the most affordable goods and services, creating economic opportunity and protecting our planet. Join the leaders in retail innovation.
Loading...
SGC Similar Companies
Dollarama
Dollarama was founded by third-generation retailer and Canadian entrepreneur, Larry Rossy. It all started with one store, in Matane, Quebec, in 1992, and quickly grew over the next two decades to become a household name and shopping destination for Canadians from coast to coast. Dollarama today is
As we reinvent ourselves to fit the diversity of America, we are looking for motivated, talented people who can emerge as Warriors in our organization. JCPenney offers an inclusive environment and culture where you can find and define yourself - your style, your purpose and your career. We know s
H-E-B
H-E-B is headquartered in San Antonio, Texas with approximately $32 billion in revenue and 117,000+ Partners. Founded in 1905, H-E-B operates more than 400 stores in a number of formats, including superstores, supermarkets and gourmet markets. H-E-B is the #1 food retailer in the Austin, San Antoni
AS Watson
AS Watson Group, the world’s largest international health and beauty retailer, is operating over 17,000 stores under 12 retail brands in 31 markets, with over 130,000 employees worldwide. For the fiscal year 2024, AS Watson Group recorded revenue of over US$24 billion. Every year, we are serving ove
Premium Restaurant Brands
Premium Restaurant Brands cuenta con la marca Kentucky Fried Chicken en México con presencia a nivel nacional, teniendo más de 450 restaurantes tanto propios como franquicias, dentro de los cuales laboran más de 10,000 colaboradores que trabajan diariamente para brindar el mejor servicio y seguir
NAPA Auto Parts
Through nearly 6,000 auto parts stores and over 16,000 auto care and collision centers in the U.S., NAPA has America’s largest network of parts and care. The NAPA Network is supported by nationwide distribution centers with approximately 800,000 available parts, accessories and supplies. Widely reco
PT. Sumber Alfaria Trijaya, Tbk (Alfamart)
Alfamart was initiated in 1989 by Djoko Susanto and started its business in trading and distribution. In 1999, the company expanded to minimarket sector and now has become one of the largest retail chains in Indonesia. Having over 20.000 stores, 36 office branch, and more than 165.000 employees, Alf
Wakefern Food Corp.
A Mission That Makes Us Proud: From a small, local cooperative that began with eight grocery store owners, Wakefern Food Corp. has grown into the largest retailer-owned cooperative in the United States. Founded in 1946, the cooperative includes nearly 50 member families who today independently own
Fnac Darty est un leader européen de la distribution de biens culturels, de loisirs, de produits techniques, d’électroménager et de services. Le groupe, qui compte plus de 25 000 collaborateurs, dispose à fin 2022 d’un réseau de 987 magasins et se positionne comme un acteur majeur du e-commerce en F
.png)
SGC CyberSecurity News
October 15, 2025 07:00 AM
Shoprite’s Sixty60 surpasses 100 million orders
Shoprite Group's on-demand grocery delivery platform, Sixty60, has fulfilled over 100 million orders since its launch in November 2019,...
September 05, 2025 07:00 AM
Building the human firewall: Why addressing digital illiteracy is critical for cyber resilience
When employees and individuals aren't equipped with even just basic digital literacy, it becomes much harder to recognise a threat actor at...
April 29, 2025 07:00 AM
These top South African companies are offering bursaries for 2026
South Africa's top companies, including Shoprite, Sasol, Allan Gray, and FirstRand, are offering massive bursaries for the 2026 academic year.
April 10, 2025 07:00 AM
South African telecom provider serving 7.7 million confirms data leak following cyberattack
South Africa's fourth-largest mobile network operator, Cell C, has confirmed that its data was leaked on the dark web following a cyberattack last year.
April 09, 2025 07:00 AM
RansomHouse hackers disclose data stolen from Cell C
The telco confirms the data compromised in the recent cyber security incident has been unlawfully disclosed by RansomHouse.
January 10, 2025 08:00 AM
Cell C says RansomHouse hacking group has claimed responsibility for possible data breach
Cell C said that hacking group RansomHouse has claimed the "cybersecurity incident" it fell victim to last month.
January 10, 2025 08:00 AM
Details revealed about Cell C hack
Cell C has confirmed that the RansomHouse hacking group has claimed responsibility for breaching the mobile operator's systems. The company...
November 22, 2024 08:00 AM
Checkers cybersecurity kills Black Friday scam site
The South African retailer and subsidiary of the Shoprite Group have quickly taken down a fraudulent website selling scams to locals purporting to be Black...
November 15, 2024 08:00 AM
THE FRIDAY 5: Grocery Impact Leaves Its Mark on Industry; Ahold Delhaize USA Security Breach
Ahold Delhaize USA recently detected a cybersecurity issue within its US network, with affected banners including Hannaford Supermarkets and Food Lion.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
SGC CyberSecurity History Information
Official Website of The Shoprite Group of Companies
The official website of The Shoprite Group of Companies is https://www.shopriteholdings.co.za.
The Shoprite Group of Companies’s AI-Generated Cybersecurity Score
According to Rankiteo, The Shoprite Group of Companies’s AI-generated cybersecurity score is 771, reflecting their Fair security posture.
How many security badges does The Shoprite Group of Companies’ have ?
According to Rankiteo, The Shoprite Group of Companies currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does The Shoprite Group of Companies have SOC 2 Type 1 certification ?
According to Rankiteo, The Shoprite Group of Companies is not certified under SOC 2 Type 1.
Does The Shoprite Group of Companies have SOC 2 Type 2 certification ?
According to Rankiteo, The Shoprite Group of Companies does not hold a SOC 2 Type 2 certification.
Does The Shoprite Group of Companies comply with GDPR ?
According to Rankiteo, The Shoprite Group of Companies is not listed as GDPR compliant.
Does The Shoprite Group of Companies have PCI DSS certification ?
According to Rankiteo, The Shoprite Group of Companies does not currently maintain PCI DSS compliance.
Does The Shoprite Group of Companies comply with HIPAA ?
According to Rankiteo, The Shoprite Group of Companies is not compliant with HIPAA regulations.
Does The Shoprite Group of Companies have ISO 27001 certification ?
According to Rankiteo,The Shoprite Group of Companies is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of The Shoprite Group of Companies
The Shoprite Group of Companies operates primarily in the Retail industry.
Number of Employees at The Shoprite Group of Companies
The Shoprite Group of Companies employs approximately 28,242 people worldwide.
Subsidiaries Owned by The Shoprite Group of Companies
The Shoprite Group of Companies presently has no subsidiaries across any sectors.
The Shoprite Group of Companies’s LinkedIn Followers
The Shoprite Group of Companies’s official LinkedIn profile has approximately 395,351 followers.
NAICS Classification of The Shoprite Group of Companies
The Shoprite Group of Companies is classified under the NAICS code 43, which corresponds to Retail Trade.
The Shoprite Group of Companies’s Presence on Crunchbase
Yes, The Shoprite Group of Companies has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/shoprite-holdings.
The Shoprite Group of Companies’s Presence on LinkedIn
Yes, The Shoprite Group of Companies maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/shopritegroup.
Cybersecurity Incidents Involving The Shoprite Group of Companies
As of November 27, 2025, Rankiteo reports that The Shoprite Group of Companies has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
The Shoprite Group of Companies has an estimated 15,251 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at The Shoprite Group of Companies ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does The Shoprite Group of Companies detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with forensic experts, third party assistance with data security professionals..
Incident Details
Can you provide details on each incident ?
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach THE233928722
Data Compromised: Names, Id numbers
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Id Numbers and .
Which entities were affected by each incident ?
Incident : Data Breach THE233928722
Entity Name: Shoprite Group
Entity Type: Retail
Industry: Retail
Location: EswatiniNamibiaZambia
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach THE233928722
Incident Response Plan Activated: True
Third Party Assistance: Forensic Experts, Data Security Professionals.
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Forensic experts, Data security professionals, .
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach THE233928722
Type of Data Compromised: Names, Id numbers
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach THE233928722
Investigation Status: Ongoing
Post-Incident Analysis
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Forensic Experts, Data Security Professionals, .
Additional Questions
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Names, ID numbers and .
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was forensic experts, data security professionals, .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Names and ID numbers.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=shopritegroup' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
