Menu
Browse

Vhive Retail Furniture Chain

Aliases: 2 aliases
Primary URL Location Industry
vhive[.]com[.]sg
Country Singapore
Retail Icon
Retail
Profile

Vhive is a retail furniture chain headquartered in Singapore, offering a range of home furnishings and related products to consumers. It operates within the Singaporean retail sector, focusing on furniture sales through its chain of outlets. The company’s core business involves sourcing, displaying, and selling furniture items for consumer use. As a retail chain, it maintains multiple storefronts to serve its customer base.

The provided information does not specify the exact number of outlets, employees, or annual revenue for Vhive. Therefore, only its headquarters location in Singapore is confirmed. The organisation is identified as a Singaporean retail furniture chain, indicating its primary market is the local Singaporean consumer base. No further quantitative details about its size or reach are available in the source material.

Vhive’s notable attribute in the public record is its involvement in a significant cybersecurity incident in March 2021. During that breach, the ALTDOS threat group gained unauthorized access to its systems using a double extortion approach. The incident exposed over 300,000 customer records along with transactional and payment documentation, while national identification numbers and financial data were reported as unaffected. The company restored operations from backups but allegedly left critical vulnerabilities unpatched, leading to subsequent attacks that included source code exfiltration and server file encryption.

The source material does not disclose any information about Vhive’s ownership structure, parent company, or subsidiary relationships. Consequently, no details about corporate ownership or affiliations can be included in this profile. The organisation remains described solely as an independent retail furniture chain based in Singapore.

Threat actors provided proof of compromise by sharing video evidence of directory access and redacted database records. The encryption employed in the later stage of the attack was noted to potentially involve AES-256 rather than conventional ransomware payloads. These details highlight the technical nature of the breach and the methods used by the attackers. The episode underscores the importance of addressing security gaps after an initial intrusion to prevent further compromise.

Incidents
Linked incidents available to members
1 incident