FatFace Pays $2million Ransom To Cyber Criminals

British clothing retailer FatFace paid out a $2m ransom to restore its data following a January 2021 cyber attack by the criminal hacking group called Conti.  

The criminals initially demanded a ransom of 213 Bitcoins, about $8 million/£5.8 million, but agreed to lower the amount to $2 million after FatFace's negotiator explained that the firm's revenues had slumped over the past year due to lockdown restrictions. 

Conti finally agreed to a $2 million payment, saying that it didn't want to bankrupt the retailer.

Conti told FatFace that it had initially breached their network via a phishing attack on 10th January 2021. The gang used this compromise to gain admin rights and expand its reach through the network, as well as identifying the firm's Veeam backup servers and Nimble storage. The final attack occurred on 17th January, when the criminals were able to exfiltrate over 200GB of data from FatFace's systems before encrypting machines.

After receiving the ransom pay-out, Conti offered advice to the company's IT team about how they could strengthen security to prevent cyber attacks in future.

Advice included implementing email filtering, reviewing Active Directory password policy, conducting employee phishing tests, and investing in better endpoint detection and response technology. FatFace disclosed the security breach to customers in an email last week, informing them that some customer details - including names, email and postal and addresses, and limited credit card data - had been compromised in an attack on its systems.

The company asked customers to keep information about the data breach 'strictly private and confidential'. It also told customers that the delay in informing them occurred as they were working to identify the hackers behind the incident and to determine precisely what information was stolen.

Under the terms of the GDPR, companies must tell the ICO of a breach within 72 hours of becoming aware of it. If they decide there is a high risk to individuals' rights and freedoms, they also need to inform affected individuals 'without undue delay'.

FatFace confirmed the ransomware attack and they notified the ICO and law enforcement agencies about the incident. Almost 5,000 ransomware attacks hit British firms in 2019, with criminals collecting payments of nearly £210 million, the US cyber security firm Emsisoft said in a report last year. The company said that organisations are showing 'more willingness' to pay ransoms due to fears of public embarrassment, lost data and potential penalties from regulators (of course, paying a ransom to retrieve stolen data does not avoid fines for losing that data in the first place).

The 2020 CrowdStrike Global Security Attitude Survey revealed that almost 40% of UK organisations had been subject to ransomware attacks in the past 12 months, and 13 per cent of them had chosen to pay the ransom.

Some of the other key findings in the report is a growing fear of nation-state intrusions and ransomware attacks in the wake of COVID-19 outbreaks: 

  • 56% of organisations surveys reported a ransomware attack within the last 12 months.
  • 87% of respondents indicated that nation-state attacks are much more common than commonly supposed.
  • 73% say nation-state attacks are the single biggest threat to their organisations. 
  • 84% say they have accelerated their digital transformation efforts as a result of COVID-19, Potentially compounding their risk.
  • 45% stating that they have increased cloud rollouts to support employees working remotely. 

According to Crowdstrike, UK businesses paid an average ransom of £940,000 ($1.2 million) which is higher than the global average of $1.1 million.

Crowdstrike:     Information Commissoner:        Computer Weekly:         Computing

You Might Also Read: 

Ransomware Victim Travelex Folds:

 

« Twenty Cyber Security Startups To Watch
Half A Billion LinkedIn Members Found For Sale »

Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Free Access: Cyber Security Supplier Directory listing 5,000+ specialist service providers.

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cortado

Cortado

Cortado Mobile Solutions is a manufacturer of enterprise mobility solutions.

ISO Quality Services Ltd

ISO Quality Services Ltd

ISO Quality Services is an independent organisation that specialises in the implementation, certification and continued auditing of ISO and BS EN Management Standards including ISO 27001..

Microsoft Malware Protection Center

Microsoft Malware Protection Center

Microsoft MPC conducts malware research and provides security software to help protect your PC from malware and other threats.

Compass Security

Compass Security

Compass Security is a specialist IT Security consultancy firm based in Switzerland. Services include pentesting, security assessments, digital forensics and security training.

Think Cyber Security (ThinkCyber)

Think Cyber Security (ThinkCyber)

ThinkCyber is a Tel Aviv-based Israeli company with a team of cybersecurity professionals who are experts in both information and operations technology.

CSIRT-NQN

CSIRT-NQN

CSIRT-NQN is the Computer Incident Response Team for the Argentine province of Neuquen.

Sternum

Sternum

Sternum provides reliable and effective endpoint security for any IoT device, using robust technology and seamless integration.

CoursesOnline

CoursesOnline

CoursesOnline.co.uk is a database listing IT security courses from providers across the UK.