Ransomware Attack On Moncler

Uploaded on 2022-01-25 in TECHNOLOGY--Hackers, FREE TO VIEW

Italian luxury brand Moncler has suffered a cyber attack in which criminals stole data and published it on the Dark Web. 

The company confirmed the attack on Tuesday 18th January, stating that it had suffered from a data breach after being attacked by the AlphV/BlackCat ransomware operation in December. 

The attack happened during December 2021, when the luxury fashion brand announced an interruption in its IT services, but the company assured that the attack would result in nothing more than a temporary outage.

The attack caused an outage of its IT services, in the final week of 2021, causing a temporary outage of its IT services which delayed shipments of goods ordered online.Moncler reportedly refused to pay a ransom to its attackers, leading them to publish information belonging to employees, former employees, customers, consultants, business partners, and suppliers online.

The company said in a statement: "While the investigation related to the attack is still ongoing, Moncler confirms that the stolen information refers to its employees and former employees, some suppliers, consultants and business partners, as well as customers registered in its database.  “With regard to information linked to customers, the company informs that no data relating to credit cards or other means of payment have been exfiltrated, as the company does not store such data on its systems."

Moncler does not store credit card information and stated that financial data had not been exfiltrated. In addition, the brief interruption to the logistical side of the company’s operations brought on by the attack had not affected its profits. 

Researchers at online fraud protection firm PerimiterX commented on the attack, saying that while data breaches and ransom demands continue to plague companies, protecting customer and employee data is becoming increasingly important and pushing sensitive data behind protected perimeters is no longer sufficient to prevent a malicious data breach.

Moncler that the interruption to its IT systems and logistics services has not caused a material impact on the group's economic results.

Moncler:    Fashion United:    The Industry.Fashion:   Oodaloop:     Infosecurity Magazine:     

Techradar:      Bleeping Computer

You Might Also Read: 

Major German Shopping Site Leaked Customer Data:

 

« Defending Against Log4j Vulnerabilities
How To Secure Web Gateway & Web Filtering »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IoT European Research Cluster (IERC)

IoT European Research Cluster (IERC)

IERC brings together EU-funded projects with the aim of defining a common vision for IoT technology and development research challenges.

Flashpoint

Flashpoint

Flashpoint is a globally trusted leader in risk intelligence for organizations that demand the fastest, most comprehensive coverage of threatening activity on the internet.

Ellipsis Technologies

Ellipsis Technologies

Ellipsis Technologies is a diversified technology company that develops innovative security software for websites and online applications.

Seculert

Seculert

The Seculert Attack Detection & Analytics Platform combines machine-learning based analytics and threat intelligence to automatically detect cyber attacks inside the network.

TechCERT

TechCERT

TechCERT is Sri Lanka’s first and largest Computer Emergency Readiness Team (CERT).

CERT-PH

CERT-PH

CERT-PH is the National Computer Emergency Response Team and the highest body for cybersecurity related activities in the Philippines.

Aporeto

Aporeto

The Aporeto platform protects cloud applications from attack by authenticating and authorizing all communications with a cryptographically signed identity assigned to every workload.

Secon Cyber Security

Secon Cyber Security

Secon Cyber Security is an Advanced Managed Security Services Provider with long standing experience of providing cyber security solutions to customers ranging from small to large enterprises.

CyberSecurityTrainingCourses.com

CyberSecurityTrainingCourses.com

Cyber Security Training Courses is a portal to help candidates find the best courses to progress their career within the IT security industry.

DCX Technology

DCX Technology

Recognized as a leader in security services, DXC Technology help clients prevent potential attack pathways, reduce cyber risk and improve threat detection and incident response.

Dataprovider.com

Dataprovider.com

Our Brand Protection Suite gives you the tools to discover trademark infringement on the Internet, such as websites selling counterfeit products, even when this is not immediately noticeable.

Private Machines

Private Machines

Private Machines develops unique patent-pending technology protects cloud and data center workloads.

Alibaba Cloud

Alibaba Cloud

Alibaba Cloud is committed to safeguarding the cloud security for every business by leveraging a comprehensive suite of enterprise security services and products on the platform.

Sev1Tech

Sev1Tech

Sev1Tech is a leading provider of IT modernization, cloud, cybersecurity, engineering, fielding, training, and program support services.

Cipher Net Shield

Cipher Net Shield

Cipher Net Shield specializes in secure E-wallet solutions with a strong focus on blockchain and cybersecurity, prioritizing both transaction security and the recovery of lost capital.

QANplatform

QANplatform

QANplatform is a Quantum-resistant hybrid blockchain platform.