Ransomware Attack On Moncler

Italian luxury brand Moncler has suffered a cyber attack in which criminals stole data and published it on the Dark Web. 

The company confirmed the attack on Tuesday 18th January, stating that it had suffered from a data breach after being attacked by the AlphV/BlackCat ransomware operation in December. 

The attack happened during December 2021, when the luxury fashion brand announced an interruption in its IT services, but the company assured that the attack would result in nothing more than a temporary outage.

The attack caused an outage of its IT services, in the final week of 2021, causing a temporary outage of its IT services which delayed shipments of goods ordered online.Moncler reportedly refused to pay a ransom to its attackers, leading them to publish information belonging to employees, former employees, customers, consultants, business partners, and suppliers online.

The company said in a statement: "While the investigation related to the attack is still ongoing, Moncler confirms that the stolen information refers to its employees and former employees, some suppliers, consultants and business partners, as well as customers registered in its database.  “With regard to information linked to customers, the company informs that no data relating to credit cards or other means of payment have been exfiltrated, as the company does not store such data on its systems."

Moncler does not store credit card information and stated that financial data had not been exfiltrated. In addition, the brief interruption to the logistical side of the company’s operations brought on by the attack had not affected its profits. 

Researchers at online fraud protection firm PerimiterX commented on the attack, saying that while data breaches and ransom demands continue to plague companies, protecting customer and employee data is becoming increasingly important and pushing sensitive data behind protected perimeters is no longer sufficient to prevent a malicious data breach.

Moncler that the interruption to its IT systems and logistics services has not caused a material impact on the group's economic results.

Moncler:    Fashion United:    The Industry.Fashion:   Oodaloop:     Infosecurity Magazine:     

Techradar:      Bleeping Computer

You Might Also Read: 

Major German Shopping Site Leaked Customer Data:

 

« Defending Against Log4j Vulnerabilities
How To Secure Web Gateway & Web Filtering »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

MIIS Cyber Initiative

MIIS Cyber Initiative

The Cyber Initiative's mission is to assess the impact of the information age on security, peace and communications.

Boxcryptor

Boxcryptor

Boxcryptor encrypts your sensitive files before uploading them to cloud storage services.

Australian Cyber Security Centre (ACSC)

Australian Cyber Security Centre (ACSC)

The Australian Cyber Security Centre (ACSC) brings cyber security capabilities from across the Australian Government together into a single location.

Cloudmark

Cloudmark

Cloudmark is a trusted leader in intelligent threat protection against known and future attacks, safeguarding 12 percent of the world’s inboxes from wide-scale and targeted email threats.

Labris Networks

Labris Networks

Labris Networks specializes in DDoS mitigation, NG Firewall, Unified Threat Management, Centralized Management, Regulatory Compliances and SOC/CERT Services.

C2A Security

C2A Security

C2A Security offers a comprehensive suite of cyber security solutions for the automotive industry, providing in-vehicle end-to-end protection.

Rizikon Assurance

Rizikon Assurance

Rizikon Assurance is an Online System that improves Third-Party Assurance and Risk Management, through efficiency, automation and better visibility.

Nisos

Nisos

Nisos provides unrivaled protection of your reputation and assets through the practice of Active Defense.

Tozny

Tozny

Tozny offers products with security and privacy in mind that are built on the foundation of end-to-end encryption, and open-source verifiable software.

SecureTeam

SecureTeam

SecureTeam are a UK-based information security practice, specialising in all areas of cybersecurity.

Acumen

Acumen

Acumen's cyber security engineers protect your critical systems, in critical moments. We are here when you need us most.

Simbian

Simbian

Simbian, with its hardened TrustedLLM system, is the first to accelerate security by empowering every member of a security team from the C-Suite to frontline practitioners.

PDQ

PDQ

PDQ helps IT professionals to manage and organize hardware, software, and configuration data for Windows- and Apple-based devices.

Compugen Systems Inc (CSI)

Compugen Systems Inc (CSI)

Compugen Systems is an IT service delivery company that focuses on enabling your business outcomes.

Rocket Software

Rocket Software

Rocket Software helps customers in all industries solve their most complex IT challenges, across infrastructure, data, and applications — with solutions that simplify, not disrupt.

ENKI WhiteHat

ENKI WhiteHat

ENKI WhiteHat is an offensive security specialist, preemptively addressing cyber threats from a hacker’s perspective.