Guess has issued a breach notification to customers that were impacted by a ransomware attack that occurred in February.
"A cybersecurity forensic firm was engaged to assist with the investigation and identified unauthorized access to Guess’ systems between February 2, 2021, and February 23, 2021.” The American fashion brand said in its statement.
The investigation, which lasted until June, determined that the cybercriminals accessed customer Personal Identifiable Information (PII) and financial information.
“The information accessed or acquired may have included your Social Security number, driver’s license number, passport number, and/or financial account number.”
Guess did not reveal the identity of the ransomware attackers but databreaches.net suggested DarkSide is responsible after noticing Guess listed as a victim on their data leak website.
DarkSide has been active since August 2020. They primarily launch ransomware attacks, where sensitive data is encrypted and only released if victims pay a set ransom price, which is usually millions of dollars worth of Bitcoin.
If you would meet us on the street – you would never realize that we are cyberpests, because we are the same normal people like everyone else. Many have families and children, the only thing that these circumstances in which we found themselves in our country are. We have no hatred and desire to cause damage, we perceive our business as any other, the ultimate goal of which is profit.
Ransomware attacks are a pervasive threat to the national security of the United States. To finally disrupt this trend, the Biden administration is offering a $10 million reward for information that could identify ransomware criminals targeting U.S critical infrastructures.
Any information that could aid the discovery of nation-state criminals should be reported to the Rewards for Justice office via a Tor-based tips-reporting channel (Tor browser is required).