Fashion retailer Guess is notifying affected customers of a data breach following a February ransomware attack that led to data theft. The disclosure states that data including “Social Security numbers, driver’s license numbers, passport numbers and/or financial account numbers may have been accessed or acquired.” The company did not disclose how many individuals’ accounts were compromised, but the office of Maine’s Attorney General shows that the attack affected over 1,300 people.
Though the company did not report who had claimed responsibility for the attack, DataBreaches.net reported in April that the DarkSide ransomware gang had listed Guess on their data leak site, claiming to have stolen over 200 GB of data from the retailer. Experts with Gurucul and Shared Assessments offer perspective.
The only question that matters is: how can a problem like this be prevented? The reason ransomware is so successful is that so few organisations are properly prepared. Organisations often focus solely on functionality when selecting, deploying, and operating software. They work hard to make software do what they want it to do, but security and robustness are often neglected or ignored.
To prevent accidental or malicious disruptions, organisations must adopt a proactive, security-first approach to software. Where is your data? How is it protected? If something bad happens, like a ransomware attack or a tsunami, how will you recover? Software is a powerful tool for organisations of all kinds, but it must be selected, deployed, operated, and maintained inside a framework of security and resilience.
It is important to note that a significant percentage of ransomware also includes data exfiltration/leakage. And when this happens, not only is there a responsibility for companies to inform their customers of data leakage, but many states also require by law data breach notifications to customers [potentially] impacted.
It appears that Guess is taking the correct steps in dealing with this incident; however, I’m curious as to the maturity of their overall cybersecurity posture prior to this occurrence as they reportedly implemented “additional measures to boost its security protocols”. No organization can let their guard down and they must continue to be thorough in understanding the existing threat environment and research to anticipate how they can be affected in future attacks. Constant diligence is required to ensure you’re adequately prepared along with reviewing existing and new technologies to assist in reducing your attack profile.
Guess what? Your data is compromised. Your personal information is available on the dark web. Let’s take the guesswork out of this: with SSNs, passport numbers and driver’s license numbers taken, the victim’s personal data is likely already being used to create fake new identities and open a rash of new accounts. Identity theft protection for one year is a nice gesture but it won’t be enough to protect these victims in the long run. Guessing this will be a nightmare for all involved.