South Korean fashion and retail conglomerate E-Land Group has suffered a ransomware attack over the weekend, which forced the retail giant to temporarily shut down operations at almost half of its stores in the country, Yonhap News Agency reported.

The incident took place on the morning of November 22, Chang-Hyun Seok, CEO of E-Land Retail, confirmed the cyber attack and said that the ransomware targeted systems at the E-Land headquarters.

To contain the spread of the ransomware the company shut down a portion of its IT system, temporarily halting operations at 23 of its 50 branches of NC Department Store and NewCore Outlet. E-Land official said that the attack did not impact customer and other sensitive data because it is encrypted and stored on separate servers.

Currently, it is unknown which ransomware group is responsible for the attack. The investigation into the matter is still ongoing.

Since last year, more and more ransomware gangs have been starting to adopt a so-called double-extortion tactic stealing unencrypted files and threatening to release them if not paid a ransom. The Ragnar Locker ransomware crew went even further and hacked into a Facebook accounts to run an extortion ad.