Company Details
shopritegroup
43,031
572,054
43
shopriteholdings.co.za
0
THE_2378372
In-progress


The Shoprite Group of Companies Company CyberSecurity Posture
shopriteholdings.co.zaThe Shoprite Group is the largest retailer in Africa, known for its iconic supermarket brands Shoprite, Checkers and Usave. Starting with just eight stores and 400 employees in 1979, our business is now the continent’s industry leader by market capitalisation, sales, profit, and number of employees and customers. The Group’s core business is food retailing, complemented by value-added retail services and offering across a range of industries including technology, financial, pharmaceutical, furniture, telecommunication as well as ticketing businesses. The Group’s almost 163 000 employees are constantly finding solutions, driving innovation and technological advancements to reshape the retail industry. With the use of data science and artificial intelligence, our diverse mix of talent has transformed the retail landscape from traditional brick-and-mortar shops to multi-channel platforms where customers can experience frictionless and more personalised shopping. In addition to our commercial ventures, the Group is committed to sustainability and being a responsible citizen. The Group’s extensive sustainability initiatives reduce the environmental impact of our operations, improve the lives of the communities we operate in and help develop small suppliers. Since our inception, our purpose has always been to uplift lives every day by pioneering access to the most affordable goods and services, creating economic opportunity and protecting our planet. Join the leaders in retail innovation.
Company Details
shopritegroup
43,031
572,054
43
shopriteholdings.co.za
0
THE_2378372
In-progress
Between 750 and 799

SGC Global Score (TPRM)XXXX

Description: The Shoprite Group suffered a data breach incident that compromised names and ID numbers, of some of its customers who engaged in money transfers to and within Eswatini and within Namibia and Zambia. They immediately launched an investigation with forensic experts and other data security professionals to establish the origin, nature, and scope of this incident and took additional security measures to protect against further data loss.


No incidents recorded for The Shoprite Group of Companies in 2026.
No incidents recorded for The Shoprite Group of Companies in 2026.
No incidents recorded for The Shoprite Group of Companies in 2026.
SGC cyber incidents detection timeline including parent company and subsidiaries

The Shoprite Group is the largest retailer in Africa, known for its iconic supermarket brands Shoprite, Checkers and Usave. Starting with just eight stores and 400 employees in 1979, our business is now the continent’s industry leader by market capitalisation, sales, profit, and number of employees and customers. The Group’s core business is food retailing, complemented by value-added retail services and offering across a range of industries including technology, financial, pharmaceutical, furniture, telecommunication as well as ticketing businesses. The Group’s almost 163 000 employees are constantly finding solutions, driving innovation and technological advancements to reshape the retail industry. With the use of data science and artificial intelligence, our diverse mix of talent has transformed the retail landscape from traditional brick-and-mortar shops to multi-channel platforms where customers can experience frictionless and more personalised shopping. In addition to our commercial ventures, the Group is committed to sustainability and being a responsible citizen. The Group’s extensive sustainability initiatives reduce the environmental impact of our operations, improve the lives of the communities we operate in and help develop small suppliers. Since our inception, our purpose has always been to uplift lives every day by pioneering access to the most affordable goods and services, creating economic opportunity and protecting our planet. Join the leaders in retail innovation.


Founded in 1930, Publix Super Markets is the largest and fastest-growing employee-owned supermarket chain in the United States. Publix employs over 200,000 associates. We are privately-owned, hold no long-term debt, have avoided layoffs, and continue to grow year after year. Publix and our associate

Mercadona is a leading company of physical supermarkets in Spain with an online service, with over 1,610 stores and more than 5.9 million households as customers. Additionally, it has 60 stores in Portugal, with a presence in nine different districts. A family-owned company, its objective is to off

Stop & Shop has been around for more than 100 years. We started small, as a corner grocery store back in 1914. And we’ve grown…a lot. We have more than 50,000 Associates in 350+ stores throughout Massachusetts, Connecticut, Rhode Island, New York, and New Jersey. Through that change, our values have

We are one of the largest food retail companies in Brazil. We were pioneers with a multi-format and multi-channel business model that brings together renowned chains and brands such as Pão de Açúcar and Extra, Minuto Pão de Açúcar, Pão de Açúcar Fresh and Mini Extra. In addition to our own and exclu

Built on a foundation of professional expertise and personal service, Shoppers Drug Mart has been meeting Canadians' health care needs for 50 years. What was once a small pharmacy in Toronto has grown into an organization of over 1,200 stores from coast to coast, becoming an indelible part of the l

Lidl s’est implanté en France en 1989. Nous avons connu une expansion très rapide qui nous a permis de devenir un acteur incontournable de la grande distribution. Lidl France, c’est aujourd’hui 45 000 collaborateurs, plus de 1 570 magasins, 25 Directions Régionales et un siège social sur 2 sites :

We’re the largest employee owned business in the UK and home of our cherished brands, John Lewis and Waitrose. We’re not just employees, we’re Partners, driven by our purpose to build a happier world. As we look to our future, there’s never been a more exciting time to join us. We’re ruthlessly fo
Target is one of the world’s most recognized brands and one of America’s leading retailers. We make Target our guests’ preferred shopping destination by offering outstanding value, inspiration, innovation and an exceptional guest experience that no other retailer can deliver. Target is committed to

Fozzy Group is one of the largest trade industrial groups in Ukraine and one of the leading Ukrainian retailers, with over 700 outlets all around the country. Besides retail, the group's businesses include food production, and restaurants. Fozzy Group is introducing modern solutions in all areas
.png)
Shoprite Group's on-demand grocery delivery platform, Sixty60, has fulfilled over 100 million orders since its launch in November 2019,...
Shoprite's non-restated revenue growth has slowed from 16.9% in 2023 to 4.3% in 2025. However, there were big positives associated with this...
Absa and the Shoprite Group have a new rewards partnership, with Absa customers potentially getting up to 60% back until October.
Woolworths Food operates in the high-end food retail space and is expected to have a higher profit margin than Shoprite, which includes budget stores.
South Africa's fourth-largest mobile network operator, Cell C, has confirmed that its data was leaked on the dark web following a cyberattack last year.
The telco confirms the data compromised in the recent cyber security incident has been unlawfully disclosed by RansomHouse.
Checkers is taking over yet another retail store previously home to a Pick n Pay, with the Shoprite-owned company continuing to benefit from...
While major retail groups like Pick n Pay, SPAR and even Italtile are closing down non-performing or hard-hit stores in South Africa, the Shoprite Group is...
Shoprite Checkers, South Africa's largest and most successful retailer, is selling its shopping centres across the country.

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of The Shoprite Group of Companies is https://www.shopriteholdings.co.za.
According to Rankiteo, The Shoprite Group of Companies’s AI-generated cybersecurity score is 772, reflecting their Fair security posture.
According to Rankiteo, The Shoprite Group of Companies currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, The Shoprite Group of Companies has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
According to Rankiteo, The Shoprite Group of Companies is not certified under SOC 2 Type 1.
According to Rankiteo, The Shoprite Group of Companies does not hold a SOC 2 Type 2 certification.
According to Rankiteo, The Shoprite Group of Companies is not listed as GDPR compliant.
According to Rankiteo, The Shoprite Group of Companies does not currently maintain PCI DSS compliance.
According to Rankiteo, The Shoprite Group of Companies is not compliant with HIPAA regulations.
According to Rankiteo,The Shoprite Group of Companies is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
The Shoprite Group of Companies operates primarily in the Retail industry.
The Shoprite Group of Companies employs approximately 43,031 people worldwide.
The Shoprite Group of Companies presently has no subsidiaries across any sectors.
The Shoprite Group of Companies’s official LinkedIn profile has approximately 572,054 followers.
The Shoprite Group of Companies is classified under the NAICS code 43, which corresponds to Retail Trade.
Yes, The Shoprite Group of Companies has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/shoprite-holdings.
Yes, The Shoprite Group of Companies maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/shopritegroup.
As of January 24, 2026, Rankiteo reports that The Shoprite Group of Companies has experienced 1 cybersecurity incidents.
The Shoprite Group of Companies has an estimated 15,596 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with forensic experts, third party assistance with data security professionals..
Common Attack Types: The most common types of attacks the company has faced is Breach.

Data Compromised: Names, Id numbers
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Id Numbers and .

Entity Name: Shoprite Group
Entity Type: Retail
Industry: Retail
Location: EswatiniNamibiaZambia

Incident Response Plan Activated: True
Third Party Assistance: Forensic Experts, Data Security Professionals.
Third-Party Assistance: The company involves third-party assistance in incident response through Forensic experts, Data security professionals, .

Type of Data Compromised: Names, Id numbers

Investigation Status: Ongoing
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Forensic Experts, Data Security Professionals, .
Most Significant Data Compromised: The most significant data compromised in an incident were Names, ID numbers and .
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was forensic experts, data security professionals, .
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Names and ID numbers.
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
.png)
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper contextual encoding when authentication fails. An attacker can execute script in the login page context. This issue has been fixed in version 2.19.2.
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.

Get company history
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.