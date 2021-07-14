



A Guess retail store. (N509FZ, CC BY-SA 4.0 https://creativecommons.org/licenses/by-sa/4.0, via Wikimedia Commons)

Following the news that fashion brand Guess suffered a data breach in which personal information could have been stolen, cybersecurity experts said on Tuesday that retailers should view the case as motivation to lock down their stores' cyber defenses.

News of the breach was first reported by BleepingComputer on Monday; however, DataBreaches.net had previously reported that the ransomware group DarkSide listed Guess on its data leak site in April. It is certainly possible that the reported ransomware and breach incidents are related.

In a notice issued to affected customers on July 9, Guess said the incident was first discovered on February 19. The company's investigation determined that Social Security numbers, driver's license numbers, passport numbers and/or financial account numbers may have been viewed or acquired.

The pandemic has accelerated digital transformation for retailers and further shifted consumers' shopping habits online, which has widened their attack surface and increased the number of vulnerabilities and breach risks, said Casey Ellis, founder and technical director of Bugcrowd. He said the Guess breach should serve as a reminder for all retailers to assess their security processes.

Many retailers are relying on new systems that were built in-house as organizations adapted to the demands of pandemic-era customers, Ellis said. As a result, these systems have often not been properly tested beforehand in high-volume transaction environments. Speed is the natural enemy of security, and retailers should beware of the increased risks of DDoS attacks, ransomware, fraudulent purchases, [and] phishing campaigns masquerading as retailers.

The large amount and variety of very personal data collected by the organization is an extremely valuable data set for cybercriminals looking to steal identities, said Erich Kron, security awareness advocate at KnowBe4. For this reason, and unlike what appears to have happened in this case, organizations are wise to limit the amount of data kept and stored in their systems, Kron said. Since ransomware groups, including DarkSide and their affiliates, often target compromised user accounts for remote access services and typically rely heavily on email phishing campaigns, those are the areas that organizations need to focus on securing.

Tom Badders, senior product manager for secure mobility products and services at Telos Corporation, added that CIOs and CISOs need to prioritize technology and information assets and segment them by criticality and/or special use case. He said the personal information stolen in this case should have been kept behind a protected network not accessible through standard corporate security.

Standard corporate security should be used for employees to access things like corporate email or shareable, non-critical information on the corporate intranet, but these types of tools cannot hide network assets, Badders said. Cybercriminals are getting more sophisticated and are targeting the crown jewels of organizations. These types of attacks can be devastating extinction events for organizations and should be defended against to a higher level than standard enterprise-level security measures. Businesses must hide personal information, sensitive organizational information, intellectual property and critical research from cybercriminals.

