American clothing brand and retailer Guess just began notifying customers of a data breach caused by a February ransomware attack.
According to a letter from Guess, the retailer contracted a cybersecurity firm to assist with their investigation in February into the ransomware attack. They discovered “unauthorized access to Guess’ systems between February 2, 2021, and February 23, 2021.”
“On May 26, 2021, the investigation determined that personal information related to certain individuals may have been accessed or acquired by an unauthorized actor. The investigation determined that Social Security numbers, driver’s license numbers, passport numbers and/or financial account numbers may have been accessed or acquired.”
Guess finally identified the addresses of all affected individuals after reviewing exposed documents on June 3. It began informing customers on June 9 and filed a breach notification a month later.
While only 1,300 individuals may have been affected by the Guess data breach, the extent of the damage suffered by each affected customer should serve as a warning to enterprises of all sizes.
Databreaches.net reported in April DarkSide ransomware gang claimed responsibility for the Guess data breach and ransomware attack. We gathered some cybersecurity expert commentary on the breach. Here’s what we learned.
Guess Data Breach Indicates Theft After Ransomware Attack
Casey Ellis
Casey Ellis is the CTO and Founder of Bugcrowd.
“The pandemic has accelerated digital transformation for retailers and further shifted cons ..
Support the originator by clicking the read the rest link below.
