Fashion company French Connection has been hit by a ransomware attack. The firm, which sells clothes online, was reportedly targeted by a hacker gang with links to the notorious REvil ransomware operation. Attackers penetrated the company’s back-end and took off with a selection of private internal data.
French Connection was established in 1972. Originally founded as a mid-market fashion brand, the company has since expanded to include men’s and women’s accessories. It may be best remembered by its cheeky slogan “FCUK” that it first adopted in its advertising in the early 2000s.
The attackers who are reportedly affiliated with REvil turned out to be more serious than the brand’s slogan, and exploited a security vulnerability in the company’s back-end systems to steal internal company data and possibly encrypt servers, and demand a ransom.
The gang has been using the scans of a number of high-profile individuals, including those of the founder and chief executive Marks, chief financial officer Lee Williams, and chief operating officer Neil Williams, to prove the breach took place.
The French Connection has confirmed that it was the target of a cyber-attack that affected its back-end servers. Although it is believed that the front-end servers – those that process payments for French Connection’s online outlets – were not affected by the attack, the company noted.
Due to a breach, the company immediately suspended all systems and engaged third-party experts to help resolve the situation:
“As soon as it became aware of the breach, the company took immediate action, suspending all affected systems and engaging third-party experts to assist with resolving the situation,” French Connection’s statement continued. “The company is now actively working to restore its systems as quickly and safely as possible and where necessary is using manual overrides in order to ensure that the company can continue to operate.”
French Connection said it had no evidence that any data related to its customers was accessed during the breach, and the company is “continuing to operate largely as normal.”
Data that hackers like REvil and other ransomware groups steal is usually up for sale on forums later. The original owners are usually given a ransom demand before it is published.
French Connection did not reveal the amount it was asked to pay if any.