American retailer Guess discloses data breach after ransomware attack

American clothing brand and retailer Guess discloses a data breach after the February ransomware attack and is notifying the affected customers.

In February, American fashion brand Guess was hit by a ransomware attack, now the company is disclosing a data breach and is notifying affected customers.

The attack was likely carried out by the DarkSide ransomware gang that in April listed Guess on their data leak site claiming to have stolen over 200 GB of files.

The company investigated the security breach with the help of a cybersecurity forensic firm that determined that unauthorized actor had access to personal information stored into Guess systems.

“The investigation determined that there was unauthorized access to certain Guess systems between February 2, 2021 and February 23, 2021. On May 26, 2021, the investigation determined that personal information related to certain individuals may have been accessed or acquired by an unauthorized actor. The investigation determined that Social Security numbers, driver’s license numbers, passport numbers and/or financial account numbers may have been accessed or acquired.” reads the breach notification letter sent to the impacted users and reported by BleepingComputer.

The company told BleepingComputer that threat actors had no access to customer payment card information and that the security breach did not have a material impact on operations or financial results.

On July 9, 2021, the fashion retailer started sending notification letters to the individuals whose information may have been involved.

Guess is offering complimentary 12 months of identity theft protection and credit monitoring services through Experian to the individuals impacted in the security breach.

At the time of this writing, the company has yet to reveal the number of affected individuals, but the information provided by the company to the office of Maine’s Attorney General shows that just over 1,300 people were impacted.

Guess has implemented additional measures to enhance the security of its infrastructure to reduce the risk of a similar incident occurring in the future.

Even though Guess did not provide any info on the identity of the threat actor behind the ransomware attack, DataBreaches.net reported in April that the DarkSide ransomware gang listed Guess on their data leak site.

At the time, the ransomware group claimed to have stolen over 200 GB worth of files from the fashion retailer’s network before attempting to encrypt their systems.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Guess)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.