The ransomware gang exfiltrated 40 gigabytes of data from the fashion house, including HR and salary details.
Luxury Italian men’s clothing line Boggi Milano has confirmed what Ragnarok was already bragging about on the Dark Web: The brand was hit with a ransomware attack, according to multiple sources.
Ragnarok and Boggi Milano representatives who spoke to Bloomberg agree on the facts; the ransomware attack exfiltrated 40 gigabytes of data, including human resources files and salary information. Bloomberg was provided access to documents confirming the breach.
TechNadu meanwhile reported that, with the help of KELA, a monitoring tool for the Dark Web, investigators were able to look at filenames being leaked by Ragnarok and found payroll files, payment PDFs, vouchers, tax documents and more.
Boggi Milano is based in Italy, and has 190 stores in 38-plus countries, according to the company, outfitting men in high-end fashion.
No one has disclosed how much Ragnarok wants in ransom to return the files. The Boggi Milano website is still up and running, and the brand said it is working with Italian authorities on the matter.
No Industry Immune
Erich Kron from KnowBe4 said this is yet another reminder that no industry is immune from ransomware attacks.
“Although the impact to the operation of the organization appears to be minimal, the loss of roughly 40GB of data, potentially including that of customers and employees, can be a significant issue,” Kron added. “Fines from data breaches with this type of data can be significant, and as an organization that operates globally, could be imposed from multiple countries whose citizens have been impacted.”
The number of ransomware attacks have spiked 350 percent since 2018, according to research from PurpleSec and criminals operating these malware groups are willing to hit anyone to make a buck — hospitals, schools, vaccine manufacturers and food supplies and even local governments have all been victims of ransomware in the past year.
“Ransomware attacks are the new great digital train robbery, stealing data and crippling business through a constantly evolving attack ecosystem and malware that can evade perimeter controls,” Mark Bower, a data-security expert from comforte AG said, via email.
Both a back-up strategy and a plan to stop attacks from happening are critical for any business, Bower added.
“If data is neutralized using modern data-centric techniques that enable data use in the enterprise while protected, while restricting access to the minimum live data, attackers will get the equivalent of digital coal, not data gold, and soon move on to the next vulnerable target,” he said. “For the enterprise, this avoids the impact of a data breach and financial demand at the same time.”
Check out our free upcoming live webinar events – unique, dynamic discussions with cybersecurity experts and the Threatpost community:
- April 21: Underground Markets: A Tour of the Dark Economy (Learn more and register!)