Fashion Retailer Guess Confirms Data Breach


Guess, the popular clothing and lifestyle brand is notifying the customers via letters of a data breach caused by a ransomware attack in February. Soon after the incident, the retailer contracted a cybersecurity firm to assist with their investigation into the ransomware attack.

“On May 26, 2021, the investigation determined that personal information related to certain individuals may have been accessed or acquired by an unauthorized actor. The investigation determined that Social Security numbers, driver’s license numbers, passport numbers, and/or financial account numbers may have been accessed or acquired,” the letter reads.

Guess finally discovered the addresses of all affected customers after reviewing exposed documents on June 30. It began informing customers on June 09 and filed a breach notification a month later. While only 1,300 individuals may have been affected by the Guess data breach, the extent of the damage suffered by each affected customer should serve as a warning to enterprises of all sizes. 

Los Angeles-based Guess has 1,580 stores globally, including 280 in the U.S. and 80 in Canada. As of May, it added new shops equivalent to 539. They are situated globally in 100 countries.

In April, reported that the  DarkSide ransomware gang claimed responsibility for the Guess data breach and ransomware attack, and they had studied Guess' financial records and learned the company brought in nearly $2.7 billion in revenue last year. 

"We recommend using your insurance, which just covers this case. It will bring you four times more than you spend on acquiring such a valuable experience. We act in stages and notify the press usually already when exactly sure that the company will not pay. As for [Guess and another company they named] -- I think the press will see them," the DarkSide representative said in messages translated from Russian.

"Although the DarkSide ransomware group is out of commission, that does not mean this breach is insignificant. The significant amount and very personal types of data being collected by the organization, including passport numbers, Social Security numbers, driver's license numbers, financial account and/or credit/debit card numbers with security codes, passwords, or PIN numbers, is an extremely valuable dataset for cybercriminals if they want to steal identities," Erich Kron, a  security analyst at KnowBe4, stated.