Guess suffers ransomware attack impacting customer financial information

Edward Kost
Edward Kost
July 19, 2021

Guess has issued a breach notification to customers that were impacted by a ransomware attack that occurred in February.

"A cybersecurity forensic firm was engaged to assist with the investigation and identified unauthorized access to Guess’ systems between February 2, 2021, and February 23, 2021.” The American fashion brand said in its statement.

The investigation, which lasted until June, determined that the cybercriminals accessed customer Personal Identifiable Information (PII) and financial information.

“The information accessed or acquired may have included your Social Security number, driver’s license number, passport number, and/or financial account number.”

Guess did not reveal the identity of the ransomware attackers but suggested DarkSide is responsible after noticing Guess listed as a victim on their data leak website.

DarkSide has been active since August 2020. They primarily launch ransomware attacks, where sensitive data is encrypted and only released if victims pay a set ransom price, which is usually millions of dollars worth of Bitcoin.

Expired ransom message by Darkside - Source:
If you would meet us on the street – you would never realize that we are cyberpests, because we are the same normal people like everyone else. Many have families and children, the only thing that these circumstances in which we found themselves in our country are. We have no hatred and desire to cause damage, we perceive our business as any other, the ultimate goal of which is profit. 

— DarkSide

Ransomware attacks are a pervasive threat to the national security of the United States. To finally disrupt this trend, the Biden administration is offering a $10 million reward for information that could identify ransomware criminals targeting U.S critical infrastructures.

Any information that could aid the discovery of nation-state criminals should be reported to the Rewards for Justice office via a Tor-based tips-reporting channel (Tor browser is required).

Announcement of US bounty on nation-state cybercriminals - Source:

How secure is Guess?

Guess (styled as GUESS or Guess?) is an American clothing brand and retailer. In addition to clothing for both men and women, Guess markets other fashion accessories such as watches, jewelry, perfumes, and shoes.
  • Check icon
    View our free preliminary report on Guess’s security posture
  • Check icon
    13 risk factors, including email security, SSL, DNS health, open ports and common vulnerabilities
Security ratings
Abstract shape
Deliver icon

Sign up for our newsletter

Stay up-to-date on everything UpGuard with our monthly newsletter, full of product updates, company highlights, free cybersecurity resources, and more.
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

Protect your organization

Get in touch or book a free demo.
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Website Security scan resultsWebsite Security scan rating