Sam’s Club investigates possible C10p ransomware breach

• Ransomware gang C10p appears to have claimed its latest victim
• Sam's Club - Walmart wholesale club is investigating the breach
• The breach is most likely part of an earlier exploitation of a Cleo File Transfer vulnerability

Infamous ransomware gang C10p has posted files it claims belong to Walmart-owned membership organization Sam’s Club. The group posted a message on a dark leak site claiming “the company doesn't care about its customers, it ignored their security!!!”

This is the latest development in an earlier attack from late in 2024, where a vulnerability in Cleo File Transfer led to the compromise of at least two dozen organizations, with C10p claiming responsibility for stealing the information.

Researchers from CyberNews discovered the leaked information, but were told by Sam’s Club that there is currently no evidence of a security incident or intrusion, although the issue is being investigated.

Monitor your credit score with TransUnion starting at $29.95/month

TransUnion is a credit monitoring service that helps you stay on top of your financial health. With real-time alerts, credit score tracking, and identity theft protection, it ensures you never miss important changes. You'll benefit from a customizable online interface with clear insights into your credit profile. Businesses also benefit from TransUnion’s advanced risk assessment tools.

Preferred partner (What does this mean?)

View Deal

Ransomware resurgence

Sam’s club claims to have over 70 million members, and over 2 million employees, with locations across North and Central America.

Sam’s Club customers can fill medical prescriptions and offer health screenings, which means the breach may have exposed extremely sensitive customer health information. Its suspected hackers intercepted the personal data of around 100,000 employees in the breach, although the scope of the compromise isn't yet known.

C10P is a notorious ransomware gang, and has been so prolific that it is fuelling a resurgence in ransomware in 2025, claiming responsibility for 385 attacks in the first few weeks of the year.

"The Clop ransomware gang are still making hay while the vulnerable secure file transfer sun continues to shine for them, raking in around half a billion dollars to date – quite a staggering success story," confirmed Matt Aldridge, Senior Principal Solutions Consultant at OpenText Cybersecurity.

"This continues an increasing trend we are seeing of ransomware gangs focusing on extortion based on data theft rather than purely on denied access to data through the use of encryption."

The group was formed in 2019, and has since been responsible for one of the biggest cyberattacks of 2023 - a breach that saw the data of over 600 organizations stolen, with more than 40 million customers affected.

You might also like

• Take a look at our picks for the best malware removal software around
• Check out our choice for best antivirus software
• One of the most powerful ransomware hacks around has been cracked using some serious GPU power