FatFace sends controversial data breach email after ransomware attack

British clothing brand FatFace has sent a controversial ‘confidential’ data breach notification to customers after suffering a ransomware attack earlier this year.

This week, customers began receiving data breach notifications revealing that the popular lifestyle clothing brand, FatFace, had suffered a data breach after a cyberattack on January 17th, 2021.

What was controversial about the data breach notification was that it told recipients to “Please do keep this email and the information included within it strictly private and confidential.”

BleepingComputer has covered many data breaches. We have never seen a company ask a user to keep a data breach confidential, and it likely has no power to make that request.

As you can imagine, this single sentence led to quite an uproar on Twitter, with users baffled that the notification would include that type of language.

https://twitter.com/reiver_rover/status/1374711307560181764

While many felt that FatFace was trying to keep the data breach under wraps, it turns out there was much more to the story.

Data breach caused by a ransomware attack

According to Computer Weekly, the data breach was caused by a Conti ransomware attack in January 2021.

A ransom note found by Valéry Marchive of Computer Weekly’s sister publication LeMagIT allowed the publication to review a ransom negotiation between FatFace and the ransomware gang.

As is common in today’s ransomware attacks, the threat actors reviewed the victim’s financial data before deploying the ransomware. This review provided insight into the company’s finances, including FatFace’s cyber insurance coverage, which the threat actors brought up during the negotiations.

While Conti originally asked for $8.5 million, the negotiations ultimately led to a payment of $2 million to gain access to a decryption key and a promise not to leak the 200GB of stolen data.

The threat actors stated that they gained access to an internal FatFace workstation via a phishing attack on January 10th, 2021, after which they spread laterally through the network.

“From there, the team was able to obtain general administrative rights and began to move laterally through the network, identifying the retailer’s cyber security installations, Veeam backup servers and Nimble storage. The ransomware attack itself was executed on 17 January and saw more than 200GB of data exfiltrated,” Computer Weekly reported.

The Conti gang also provided the victim with a report on how to better protect their network, including email filtering, phishing awareness tests, better Active Directory password policies, EDR technology, and an offline backup strategy.

When contacted by Computer Weekly, FatFace confirmed the ransomware attack and said they reported it to law enforcement and the Information Commissioner’s Office (ICO).

“FatFace was unfortunately subject to a ransomware attack which caused significant damage to our infrastructure.” -FatFace.

Source: https://www.bleepingcomputer.com/news/security/fatface-sends-controversial-data-breach-email-after-ransomware-attack/
