American fashion retailer Guess recently became the latest in a seemingly unending parade of big-name companies to suffer a data breach.
The company’s breach notification letter was mailed to all customers whose data was compromised. The letter states that an unidentified party gained access to Guess’ systems between February 2nd and February 23rd of this year (2021).
The company discovered evidence of the breach on May 26th and determined that the personal information of some Guess customers had been accessed. By the 3rd of June, the company, a third party security vendor, and law enforcement officials had finished a review of the data that was accessed. They then began contacting all individuals impacted by the breach as of June 9th.
The company is offering a year of free credit monitoring to all impacted individuals as is often the case in data breaches.
The letter being sent to impacted individuals reads in part as follows:
“On May 26, 2021, the investigation determined that personal information related to certain individuals may have been accessed or acquired by an unauthorized actor. The investigation determined that Social Security numbers, driver’s license numbers, passport numbers and/or financial account numbers may have been accessed or acquired.”
The breach notification letters give no indication as to the scope and scale of the breach. The information filed with Main’s Attorney General indicates that just over 1300 people had their data compromised during the attack.
Guess’ breach notification gave no indication of who may have been behind the attack. However security researchers have found circumstantial evidence on the Dark Web that points to the DarkSide ransomware group.
If that name sounds familiar to you it’s because they’re the group behind the recent Colonial Pipeline attack that brought fuel deliveries to a standstill in the southeastern United States for the better part of two weeks. Not long after the Colonial attack the FBI seized significant portions of the group’s infrastructure and they ceased all operations in late May. Now they seem to be back with a vengeance.