6.4M customer records stolen in hack of women’s fashion retailer SHEIN

Online women’s fashion retailer SHEIN Group Ltd. is the latest victim of hacking ,with 6.42 million customer records stolen.

Waiting a month to tell customers, SHEIN said that it had become aware on Aug. 22 “that certain personally identifiable information of its customers was stolen during a concerted criminal cyberattack on its computer network.”

The information stolen included email addresses and encrypted passwords of customers but did not include credit card information.

Providing no further details as to how the attack took place, SHEIN said it has hired “a well-known forensic cybersecurity firm as well as an international law firm to help it investigate the incident further.”

Ruchika Mishra, director of products and solutions at Balbix Inc., told SiliconANGLE that the breach occurred in June, but it was only discovered in late August.

“It’s clear that organizations like SHEIN rely heavily on reactive cybersecurity strategies that detect and control breaches in progress or after that fact — and often not fast enough,” she said. “What is really needed is a proactive strategy that enables organizations to avoid breaches in the first place — not two months after the fact.”

Mishra conceded that with the number of potential threat vectors and number of information technology assets increasing, it’s almost impossible for security teams to observe and analyze all potential security issues. But she noted, “This is where AI and deep learning can be leveraged to enhance the capabilities of human threat analysts. It’s not a human-sized problem anymore, and when these types of breach avoidance technologies are not in place, it’s no wonder threats can fall through the cracks.”

Zohar Alon, co-founder and chief executive officer of Dome9 Security Inc. added that with the holiday shopping season around the corner, breaches like this often result in low customer trust and reduced sales.

“In today’s world, personally identifiable information is extremely valuable and must be protected at all costs,” Alon said. “Every business is a target for hackers, and companies like SHEIN that own incredibly large customer databases must have continuous visibility into all of their assets, so they can quickly remediate potential threats and better protect consumer data.”

Image: SHEIN

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy