13 July 2021

Fashion brand Guess reports data breach after a ransomware attack


Fashion brand Guess reports data breach after a ransomware attack

Guess, the well-known American clothing and fashion accessories retailer, has sent notification letters to a number of its customers affected by a data breach following a ransomware attack in February 2021.

“We recently detected unauthorized access to certain devices in our network and an attempt to encrypt our systems. We immediately activated our incident response plan, took measures to stop the access and launched an investigation. A cybersecurity forensic firm was engaged to assist with the investigation and identified unauthorized access to Guess’ systems between February 2, 2021 and February 23, 2021. On May 26, 2021, the investigation determined that personal information related to certain individuals may have been accessed or acquired by an unauthorized actor during that time,” Guess said.

The compromised data may have included customers’ Social Security numbers, driver's license numbers, passport numbers and/or financial account numbers ("Financial Account Number or Credit/Debit Card Number (in combination with security code, access code, password or PIN for the account))."

While the company did not provide any information about the threat actors behind the ransomware attack, DataBreaches.net reported in April that the DarkSide ransomware gang had added Guess to a list of their victims on their data leak site.

At the time, the ransomware operators claimed to have stolen more than 200 GB of data during the February attack, and posted a number of samples as proof.

“Guess?, Inc. recently concluded an investigation into a security incident that involved unauthorized access to certain systems on Guess?, Inc.’s network. We engaged independent cybersecurity firms to assist in the investigation, notified law enforcement, notified the subset of employees and contractors whose information was involved and took steps to enhance the security of our systems. The investigation determined that no customer payment card information was involved. This incident did not have a material impact on our operations or financial results,” Guess’ representative said in a statement to BleepingComputer.


Back to the list

Latest Posts

Malicious actors target Kubernetes clusters via Argo Workflows

Malicious actors target Kubernetes clusters via Argo Workflows

In the observed attacks the threat actors deployed a popular cryptocurrency mining container, kannix/monero-miner.
26 July 2021
Kaseya obtains a decryptor for victims of the REvil ransomware attack

Kaseya obtains a decryptor for victims of the REvil ransomware attack

It's not clear, if the company paid any ransom.
23 July 2021
Chinese cyber-spies use hacked routers in attacks against French organizations

Chinese cyber-spies use hacked routers in attacks against French organizations

The hackers are hijacking home routers to build a proxy botnet in order to hide the origins of their attacks.
22 July 2021