Security News > 2021 > July > Fashion retailer Guess discloses data breach after ransomware attack

American fashion brand and retailer Guess is notifying affected customers of a data breach following a February ransomware attack that led to data theft.

"A cybersecurity forensic firm was engaged to assist with the investigation and identified unauthorized access to Guess' systems between February 2, 2021 and February 23, 2021," the company said in breach notification letters mailed to impacted customers.

Guess began mailing breach notification letters to affected customers on June 9, offering complimentary identity theft protection services and one year of free credit monitoring through Experian to all impacted individuals.

"On May 26, 2021, the investigation determined that personal information related to certain individuals may have been accessed or acquired by an unauthorized actor," Guess said.

While the breach notification letters do not reveal the number of affected individuals, information filed with the office of Maine's Attorney General shows that just over 1,300 people had their data exposed or accessed during the February attack.

Even though Guess did not provide any info on the identity of the threat actor behind the ransomware attack, DataBreaches.net reported in April that the DarkSide ransomware gang listed Guess on their data leak site.

News URL

https://www.bleepingcomputer.com/news/security/fashion-retailer-guess-discloses-data-breach-after-ransomware-attack/