SECURITY
SECURITY
SECURITY
Stolen data published following ransomware attack against fashion brand Moncler
Italian luxury fashion brand Moncler SpA has been struck by a ransomware attack that has resulted in the publication of stolen data.
The ransomware attack occurred in December, with the data stolen in the attack appearing this week on the dark web, a shady corner of the internet for illicit activity. A group by the name of AlphV/BlackCat is taking responsibility for the ransomware attack.
The data stolen included data relating to employees, former employees, supplies, consultants, business partners and customers, according to Bleeping Computer. The company said it had rejected paying the ransom demanded in the attack because it goes against its founding principles. The AlphV/BlackCat ransomware gang claims to have demanded $3 million not to publish the data.
Moncler did note that no data relating to credit cards or other means of payment were compromised, since the company doesn’t store such data on its systems. Moncler added that it was deeply sorry for what had happened and for any inconvenience or concern this situation may have caused to stakeholders. The company activated a team of cybersecurity experts at the time of the attack and has since strengthened its information technology security measures.
The Alphv/BlackCat ransomware group first emerged in December and was noted at the time as using the first professional ransomware strain that was coded in the Rust programming language and deployed against companies. According to Recorded Future, the gang advertises its software on a ransomware-as-a-service basis on cybercrime forums, inviting others to join it and launch attacks against large companies.
“How does an organization make a decision that impacts the private information of individuals?” Purandar Das, co-founder and chief executive officer at encryption-based security solutions company Sotero Inc., told SiliconANGLE. “Does the fact they are employed or in a commercial relationship with the organization give them the right to allow a criminal to publish it? Where does an organization’s responsibility lie in terms of protecting its employees from being impacted?”
Kim DeCarlis, chief marking officer at application protection form PerimeterX Inc. noted that data breaches are part of the web attack lifecycle and continue to fuel account takeover and credential-stuffing attacks.
“Therefore, we need to protect the apps that power our daily lives by disrupting the web attack lifecycle,” DeCarlis said. “This includes stopping the theft, validation and fraudulent use of account and identity information everywhere along the digital journey.”
Photo: Huichimai Fang/Wikimedia Commons
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
