It appears that this season’s best collection comprises companies held to ransom by cybercrime group REvil, the latest addition being fashion retailer French Connection.
Originally founded in 1972 as a women’s fashion brand, and famed for its FCUK slogan, the company has expanded into a global retailer and wholesaler of clothing, accessories and homeware.
The company has revealed it has been subjected to a targeted attack by REvil via its back-end servers, which control its internal systems and operations. As is common with this type of attack, REvil extracted huge volumes of company data, including private employee records and files such as passport scans and ID passcards.
However, FCUK has confirmed that its front-end servers, especially the ones for online payments and customer transactions were not affected. In a statement the company said: “As soon as it became aware of the breach, the company took immediate action, suspending all affected systems and engaging third-party experts to assist with resolving the situation.
“The company is now actively working to restore its systems as quickly and safely as possible and where necessary is using manual overrides in order to ensure that the company can continue to operate.”
The company did not comment on whether it had received a ransom to retrieve the data and, if so, how much it may have been asked to pay. It did however confirm that the data breach had been reported to relevant authorities, including the Information Commissioner’s Office.
Any organisation which stores personal data is legally obliged to keep it secure and out of the hands of cybercriminals and unauthorised third parties. This means that, if personal data is exposed anyone affected may be able to make a compensation claim.
Even though it would appear that FCUK customer data hasn’t been compromised, there’s also the risk of the so-called triple extortion, which is a rising trend in the ransomware business.
Ransomware gangs are now demanding ransom payments from the victim’s customers, partners, or other third parties related to the initial attack, in exchange for not publicly publishing details. REvil has added voice scrambled phone calls to the victim’s business partners and the media as another ‘service’ it offers.
If you’d like to find out more about vXtream’s approach to system and data security, then get in touch now.
French Connection Image Credit here