High-End Fashion Brand Zegna Confirms Being Victim of Ransomware Attack in August 

High-End Fashion Brand Zegna Confirms Being Victim of Ransomware Attack in August 

Ermenegildo Zegna, an Italian premium fashion brand, disclosed a ransomware attack in August 2021 that caused extensive IT system outages. The disclosure was revealed in an SEC Form 424B3, which updates their investment prospectus to warn investors about the dangers of business disruption and data breaches caused by sophisticated cyberattacks. 

To demonstrate the possible investment risks, the report uses the scenario of a ransomware operation that attacked the company in August 2021, affecting most of its IT systems and causing a large-scale outage. Zegna emphasizes that they did not negotiate a ransom payment with the ransomware criminals. Thus, they had to recover from backups in the weeks following the incident. Even though Zegna previously acknowledged illegal access to their networks, they didn’t verify it was a ransomware attack until SEC’s filing. 

“In August 2021, we were subject to a ransomware attack that impacted the majority of our IT systems. As we refused to engage in discussions relating to the payment of the ransom, the responsible parties published certain accounting materials extracted from our IT systems,” reads Zegna’s SEC filing. “We publicly announced the IT systems breach and gradually restored our IT systems from secure backup servers during the weeks following the breach.” 

The RansomEXX operation claimed credit for the hack last year, in which data was leaked to compel the victim into paying a ransom. The ransomware group disclosed the data obtained from Zegna’s servers on the same day that the company announced its attack. The threat actors claimed to have copied 20.74 GB of data and provided it in password-protected ZIP files as part of the operation. Zegna’s entry on the leak portal has purportedly received 483,000 visitors. 

Unfortunately, Zegna’s filing verifies the integrity of the hacked data, but it does not mention the implications for clients and partners. This is the same ransomware gang that recently targeted companies, including Konica Minolta in August 2020, GIGABYTE in August 2021, and Hellmann Worldwide. 

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.

Share: