Fashion giant Moncler confirms data breach after ransomware attack

Italian luxury fashion giant Moncler confirmed it suffered a data breach after the files were stolen by the AlphV / BlackCat ransomware operation in December and posted on the dark web today.

The attack took place in the last week of 2021, when the luxury fashion brand announced an outage of its IT services but ensured that the attack would result in nothing more than a temporary outage.

Ten days later, the company released an update on the situation, reactivating its logistics systems and prioritizing e-commerce shipments that had been delayed in shipping.

Today, in a statement shared with Bleeping Computer, Moncler confirmed that some data relating to its employees, former employees, suppliers, consultants, business partners and customers were leaked today from the AlphaV (BlackCat) ransomware operation.

Moncler says it rejected the prospect of paying a ransom note as contrary to its founding principles, leading to the publication of the stolen data.

“With regards to information related to customers, the company informs that no data relating to credit cards or other means of payment have been exfiltrated, as the company does not store such data on its systems”. explains the statement shared with BleepingComputer.

Moncler also warned that further possession or disclosure of the stolen data would be considered a criminal offense.

“Moncler reminds us that all information held by cybercriminals is the result of illegal activities and that, consequently, its acquisition, use and dissemination constitutes a crime”. -Moncler.

Finally, the company reiterated that it had informed the corporate stakeholders and the Guarantor for the protection of personal data of the attack.

A victim of ALPHV BlackCat

Moncler Group is one of the earliest victims of ALPHV (BlackCat) ransomware, a new Ransomware-as-a-Service (RaaS) operation launched in early December 2021.

Our ransomware analysis ranked it as last year’s most sophisticated RaaS, mainly due to its robust operational structure, features, and thoughtful approach to all stages of the ransomware attack.

Today, the ALPHV ransomware gang released Moncler’s data on the data leak and also indicated that it requested $ 3 million not to publish the data.

From screenshots shared on the site, the stolen data includes income statements, spreadsheets with what appears to be customer information, invoices and other documents.

Moncler's data leak page on the ALPHV Tor website
Moncler’s data leak page on the ALPHV Tor website

The ransomware gang is now attempting to sell “rich customer” data to other threat actors.

Leave a Comment