Italian luxury fashion brand Moncler has disclosed it suffered a cyberattack at the hands of the AlphV/BlackCat ransomware operation in December.
The company says that it “received a ransom demand that has been rejected, firmly believing the request to be against its founding principles.” Now the threat group has leaked stolen data related to current and former employees, suppliers, consultants, business partners, and customers, offering it for sale to other threat actors.
In a press release, the company said: "While the investigation related to the attack is still ongoing, Moncler confirms that the stolen information refers to its employees and former employees, some suppliers, consultants and business partners, as well as customers registered in its database.
“With regard to information linked to customers, the company informs that no data relating to credit cards or other means of payment have been exfiltrated, as the company does not store such data on its systems.”
Yotam Katz, Product Manager at IntSights, a Rapid7 company, says: “The retail industry has been a popular target with threat actors due to the amount of personal and financial information these businesses handle. We’ve already seen messages from cybercriminals on the dark web offering to sell the personal information of high-value, wealthy retail customers, and it seems that the Moncler data is being sold to the highest or fastest bidder. If there is demand on the dark web for this data, then Moncler could potentially find themselves vulnerable to further cyberattacks later down the line.”