Guess reports about data break after ransomware attack

US brand and retailer Guess reported this week that customers’ personal data leaked following the ransomware attack in February. Guess directly operates 1,041 retail stores in the Americas, Europe and Asia, while its distributors and partners control additional 539 stores worldwide.

The investigation was completed in early July, when the company began sending out letters to affected customers, offering free identity theft protection services and one year of free credit monitoring. Although the letters do not indicate the exact number of victims, according to documents received by the office of the attorney general of Maine, the attack affected about 1,300 people.

The information disclosed during the incident appears to have included both personal and financial information. In particular, it is reported that third parties have gained access to social security numbers, driver’s license numbers, passport numbers, financial account numbers. It is also highlighted that financial account or credit/debit card numbers have been disclosed (in combination with a security code, access code, password or PIN for the account).

It is worth noting that back in April, the DataBreaches.net portal reported that the DarkSide hack group was behind this attack, as the attackers mentioned Guess on their website for leak data.

Let me remind you that after famous attack on the operator of the Colonial Pipeline, the DarkSide group urgently ceased its activities.

Let me also remind you that we talked about the fact that Hackers are driven into underground: three major hack forums banned advertising of ransomware.