FatFace suffers a ransomware attack where the threat actors gained access to FatFace’s network and system but want to keep it private.
FatFace suffers a ransomware attack where the threat actors gained access to FatFace’s network and system but want to keep it private.
FatFace is a British lifestyle clothing and accessories retailer based in Hampshire.
According to the customer’s data breach notification, FatFace has suffered a data breach after a cyberattack on January 17th, 2021.
The threat actors gained access to customer data, including customer’s names, email addresses, partial credit card information (last four digits and expiration date) and mailing addresses.
The data breach notification told recipients to “Please do keep this email and the information included within it strictly private and confidential.”
The company's response has led to controversy, where many felt that FatFace was trying to keep the data breach under wraps.
According to Computer Weekly, the data breach was caused by a Conti ransomware attack.
The threat actors reviewed the victim’s financial data before deploying the ransomware. This provided insight into the company's finances, including FatFace’s cyber insurance coverage.
“Our demands are lower than your insurance coverage," Conti's negotiator shot back, according to screengrabs published by Computer Weekly. "I have no idea how this can break you when you are insured for 7.5 million pounds. I suppose it's time to contact your insurance company."
The threat actors started to gain access to FatFace internal workstation on January 10th, 2021, via a phishing attack, where they then spread laterally through the network.
“From there, the team was able to obtain general administrative rights and began to move laterally through the network, identifying the retailer’s cybersecurity installations, Veeam backup servers and Nimble storage. The ransomware attack itself was executed on January 17th and saw more than 200GB of data exfiltrated," Computerweekly reported.
The ransomware group also provided the victim with a report on how to better protect their network, including phishing awareness tests, email filtering, EDR technology, better Active Directory password policies, and an offline backup strategy.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?