American retailer Guess discloses data breach after ransomware attack

Pierluigi Paganini July 13, 2021

American clothing brand and retailer Guess discloses a data breach after the February ransomware attack and is notifying the affected customers.

In February, American fashion brand Guess was hit by a ransomware attack, now the company is disclosing a data breach and is notifying affected customers.

The attack was likely carried out by the DarkSide ransomware gang that in April listed Guess on their data leak site claiming to have stolen over 200 GB of files.

The company investigated the security breach with the help of a cybersecurity forensic firm that determined that unauthorized actor had access to personal information stored into Guess systems.

“The investigation determined that there was unauthorized access to certain Guess systems between February 2, 2021 and February 23, 2021. On May 26, 2021, the investigation determined that personal information related to certain individuals may have been accessed or acquired by an unauthorized actor. The investigation determined that Social Security numbers, driver’s license numbers, passport numbers and/or financial account numbers may have been accessed or acquired.” reads the breach notification letter sent to the impacted users and reported by BleepingComputer.

The company told BleepingComputer that threat actors had no access to customer payment card information and that the security breach did not have a material impact on operations or financial results.

On July 9, 2021, the fashion retailer started sending notification letters to the individuals whose information may have been involved.

Guess is offering complimentary 12 months of identity theft protection and credit monitoring services through Experian to the individuals impacted in the security breach.

At the time of this writing, the company has yet to reveal the number of affected individuals, but the information provided by the company to the office of Maine’s Attorney General shows that just over 1,300 people were impacted.

Guess has implemented additional measures to enhance the security of its infrastructure to reduce the risk of a similar incident occurring in the future.

Even though Guess did not provide any info on the identity of the threat actor behind the ransomware attack, DataBreaches.net reported in April that the DarkSide ransomware gang listed Guess on their data leak site.

At the time, the ransomware group claimed to have stolen over 200 GB worth of files from the fashion retailer’s network before attempting to encrypt their systems.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Guess)

[adrotate banner=”5″]

[adrotate banner=”13″]

Cybersecurity Darkside Guess Hacking hacking news information security news Pierluigi Paganini Security Affairs Security News

Pierluigi Paganini July 13, 2025

Patch immediately: CVE-2025-25257 PoC enables remote code execution on Fortinet FortiWeb

Pierluigi Paganini July 13, 2025