UPDATED 21:39 EST / JULY 12 2021

SECURITY

Clothing retailer Guess informs customers of February data breach

Clothing retailer Guess? Inc. has informed affected customers of a data breach in February that involved the theft of data.

The information was detailed in a letter sent to customers, according to Bleeping Computer today, that states it discovered a “cybersecurity incident designed to encrypt files and disrupt business” on Feb. 19. Without Guess using the specific word, that’s a description of a ransomware attack.

The company noted that after launching an investigation, it was determined that there was unauthorized access to certain Guess systems between Feb. 2 and Feb 23. On May 26, the investigation then determined that personal information relating to individuals may have been accessed or acquired by an “unauthorized actor.” That information includes Social Security numbers, driver’s license numbers, passport numbers and financial account numbers.

In a usual check box to a ransomware attack response, Guess said it had notified law enforcement, implemented additional security measures and offered complimentary one-year membership to a credit protection service.

Although Guess hasn’t named the group the attack, DataBreach.net attributed the attack on Guess to the DarkSide ransomware group in April. That group was initially best known for donating some proceeds from its ransomware attacks to charity in October but became far better known after being tied to the high-profile breach at Colonial Pipeline Co. in May.

DarkSide subsequently announced that it was ending operations the same month, which begs the question: Where did the Guess data go?

DataBreaches.net noted that when it first spoke to DarkSide operators in April, the group claimed to have 200 gigabytes of data stolen from Guess but that data was never dumped in the open. “Is it in the hands of an affiliate? Was it on a server that got seized?” DataBreaches.net wrote before adding that DarkSide did say it would hand over its decryption tools to affiliates.

Whether those affiliates received a decryption key for the Guess data is not known. That Guess is just now informing customers of the data breach could be a coincidence, or perhaps the data has now been decrypted and accessed by a DarkSide affiliate.

Photo: Bargainmoose/Flickr

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU