Moncler, an Italian luxury fashion retailer, said that its systemdent s were breached by the AlphV/BlackCat ransomware attack in December. The stolen files were published yesterday on the dark web.
The attack happened during the last week of 2021. It affected the company’s IT services and caused a temporary outage. No reports about a ransomware attack were shared. After the incident, the company launched an update to restore its systems and to prioritize its e-commerce shipments.
Today, Moncler Group confirmed that some of the company’s data, including employee records, former clients, and business partners, were leaked due to the attack. The company stated that it refused to pay the ransom due to its founding principles. The refusal led to the stolen files published on the dark web.
“With regard to information linked to customers, the company informs that no data relating to credit cards or other means of payment have been exfiltrated, as the company does not store such data on its systems,” explains the statement Moncler shared with BleepingComputer.
The company also warned that the continued possession of the stolen data would be regarded as a criminal offense.
“Moncler reminds that all information in the possession of cybercriminals is the result of illegal activities and that consequently, the acquisition, use and dissemination of the same constitutes a criminal offense,” Moncler said.
Finally, the company confirmed that it has informed the Italian Data Protection Authority about the attack.
Moncler was one of the first victims of the new AlphV/BlackCat ransomware group that was launched in December.
The incident was named by Bleepingcomputer researchers as the most sophisticated ransomware attack of the past year based on its “robust operational structure, features, and thought-out approach to all stages of the ransomware attack.”
The members of the ALPHV ransomware group published the company’s data yesterday and also indicated that they had asked for $3 million to prevent the publication of the information. The stolen data from Moncler included various documents such as employee earning statements, customer data, and spreadsheets with customer information.
The gang is now trying to sell the details of the company’s rich customers to other hackers.
