US-based fashion brand and retailer Guess has confirmed that it was hit by a ransomware attack that led to a data breach and theft.
The company has started to notify affected customers of the unauthorised access to its system that happened over three weeks in February, according to a report from Bleeping Computer.
In a letter sent to customers, the retailer confirmed that certain customer information such as Social Security numbers, driver’s licence numbers, passport numbers and financial account numbers could have been compromised.
Following the attack, Guess completed a full review of the documents that could have been accessed or acquired on 3 June. The review identified the addresses of all impacted individuals.
A letter signed by Guess human resource senior director Susan Tenney said: “Upon discovery of the incident on 19 February, Guess activated its incident response plan and a cybersecurity forensics firm was engaged to assist with the investigation and containment.
“On 26 May, the investigation determined that personal information related to certain individuals may have been accessed or acquired by an unauthorised actor. The investigation determined that Social Security numbers, driver’s license numbers, passport numbers and/or financial account numbers may have been accessed or acquired.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below formBy GlobalData
“Following completion of the review of the documents that were potentially accessed, additional work was required to identify addresses for involved individuals. This work was completed on 3 June.”
Guess has not disclosed the specific number of affected individuals, but information filed with the office of Maine’s Attorney General reportedly revealed that more than 1,300 people had been victims of the attack.
The retailer currently operates 1,041 stores in the Americas, Europe and Asia.
Earlier this month, supermarket chain Coop temporarily closed hundreds of its stores in Sweden due to a ransomware attack.
The cyberattack was part of a worldwide event aimed at American software company Kaseya, whose technology is used by Coop’s supplier Visma Esscom.