Italian luxury fashion giant Moncler has confirmed it suffered a data breach after files were stolen by the AlphV/BlackCat ransomware operation in December and released on the dark web today.
The attack took place in the last week of 2021 when the luxury fashion brand announced a disruption to its IT services but assured the attack would result in nothing more than a temporary outage.
Ten days later, the company posted an update on the situation, reactivating its logistics systems and prioritizing e-commerce shipments that had been delayed in shipping.
Today, in a statement shared with Bleeping Computer, Moncler confirmed that certain data relating to its employees, former employees, suppliers, consultants, business partners and customers was leaked today by the AlphaV ransomware operation (BlackCat) .
Moncler says it rejected the prospect of paying a ransom demand because it goes against its founding principles, leading to the publication of the stolen data.
“With regard to customer-related information, the company informs that no data relating to credit cards or other means of payment has been exfiltrated, as the company does not store such data on its systems.” explains the statement shared with BleepingComputer.
Moncler also warned that possession or further distribution of the stolen data would be considered a criminal offence.
“Moncler recalls that all information in the possession of cybercriminals is the result of illegal activities and therefore the acquisition, use and dissemination thereof constitute a criminal offense.” – Moncler.
Finally, the company reiterated that it had notified company stakeholders and the Italian Data Protection Authority of the attack.
An ALPHV BlackCat victim
Moncler Group is one of the first victims of the ALPHV (BlackCat) ransomware, a new Ransomware-as-a-Service (RaaS) operation launched in early December 2021.
Our ransomware analysis ranked it as the most sophisticated RaaS of the last year, primarily due to its robust operational structure, features, and thoughtful approach to all stages of ransomware attack.
Today, the ALPHV ransomware gang released Moncler’s data on their data leak and also reported that they demanded $3 million for not releasing the data.
Based on screenshots shared on the site, the stolen data includes income statements, spreadsheets containing what appears to be customer information, invoices and other documents.
The ransomware gang is now trying to sell the data of “wealthy customers” to other threat actors.
- ALPHV BlackCat – This year’s most sophisticated ransomware
- BlackCat (ALPHV) ransomware linked to BlackMatter, DarkSide gangs
- BlackCat (ALPHV) claims Swissport ransomware attack, leaks data
- Activision Blizzard lawsuit: a timeline of key events and everything you need to know
- Ransomware Week – January 21, 2022