Guess informs customers of data breach after ransomware attack
Join Our Newsletter - Get important industry news and analysis sent to your inbox – sign up to our e-Newsletter here
X

Guess informs customers of data breach after ransomware attack

13 Jul 2021 (Last Updated July 13th, 2021 15:40)

The fashion retailer is offering complementary identity theft prevention services to customers affected by the attack.

Guess informs customers of data breach after ransomware attack
Guess operates 1,041 stores in the Americas, Europe and Asia. Credit: Ramon F Velasquez / Wikimedia Commons.

US-based fashion brand and retailer Guess has confirmed that it was hit by a ransomware attack that led to a data breach and theft.

The company has started to notify affected customers of the unauthorised access to its system that happened over three weeks in February, according to a report from Bleeping Computer.

In a letter sent to customers, the retailer confirmed that certain customer information such as Social Security numbers, driver’s licence numbers, passport numbers and financial account numbers could have been compromised.

Following the attack, Guess completed a full review of the documents that could have been accessed or acquired on 3 June. The review identified the addresses of all impacted individuals.

A letter signed by Guess human resource senior director Susan Tenney said: “Upon discovery of the incident on 19 February, Guess activated its incident response plan and a cybersecurity forensics firm was engaged to assist with the investigation and containment.

“On 26 May, the investigation determined that personal information related to certain individuals may have been accessed or acquired by an unauthorised actor. The investigation determined that Social Security numbers, driver’s license numbers, passport numbers and/or financial account numbers may have been accessed or acquired.

“Following completion of the review of the documents that were potentially accessed, additional work was required to identify addresses for involved individuals. This work was completed on 3 June.”

Guess has not disclosed the specific number of affected individuals, but information filed with the office of Maine’s Attorney General reportedly revealed that more than 1,300 people had been victims of the attack.

The retailer currently operates 1,041 stores in the Americas, Europe and Asia.

Earlier this month, supermarket chain Coop temporarily closed hundreds of its stores in Sweden due to a ransomware attack.

The cyberattack was part of a worldwide event aimed at American software company Kaseya, whose technology is used by Coop’s supplier Visma Esscom.