As a fashion company...
...I guess this means that they lost their shirt :-)
On a slightly more serious note, if companies keep giving annual experian membership whenever they get hacked, I'll be paid up for life at this rate.
Fashion brands Guess and Spread Group have confirmed data breaches in which crooks walked off with US Social Security Numbers (SSNs), contracts, passwords, payment details, and more. The two companies were breached in separate attacks earlier this year, statements released by both confirmed, with a range of personal data …
I'd guess that their first response was probably FCUK
Or am I thinking about someone else ?
I'm also wondering how someone can have password hashes from 8 years ago - don't they know about the basics such as rotating credentials and patching systems ?
.. Clearly not.. which is probably a contributing factor for why they are in this mess right now.
> an organised cyber-attack which was carried out with considerably vicious criminal intent
vicious
adjective
deliberately cruel or violent
So in what way was this "cyber-attack" cruel and violent? Did they somehow rig the servers to explode? Were they particularly nasty to the servers as they transferred data off site? Did they threaten the server's child processes?
I had an account at one of the Big Three carriers in the USA for a while. I would pay monthly by phone using my credit card (it was difficult to pay physically at one of the stores because after a big merger they closed the one near me). I would pay $43 each month. I would get a text "Thank you for your payment of $43...". A few minutes later I would get another text "Thank you for your payment of $150 <or some other random amount that would change each month>".
Holy crap! While I was never charged for this second erroneous amount, the very fact that I would get a text like this shows just how poor software that handles our personal information is written. When I cancelled my service the company sent me a <del>worthless</del> survey to ask me why I cancelled their service. I simply wrote "send all your programmers to programming school".
That's interesting. I got an e-mail from Spreadshirt last night and I was on the brink of treating it as spam.
I haven't heard of them, have no recollection of ever dealing with them, and there is no account for them in my password safe.
Does that mean that they are just plucking e-mails out of the air?
On the vague offchance that I did, unknowingly, buy something from them, I'm not that worried, as any card I had in 2014 is long expired by now and I certainly wouldn't have used a Bank Transfer to a T-Shirt printing firm.
Incidentally, I've just been to their UK website and you can't opt out of data collection, naughty.