The famous fashion retailer Guess has officially announced a data breach comprising details of 1,300 people, including account numbers, debit and credit card numbers, social security numbers, access codes and personal identification numbers.

The breach itself took place in February 2021, as according to the investigation it happened due to an unauthorised access to the systems. The attack was designed to encrypt corporate files and “disrupt business operations”.

It became known that the DarkSide gang was probably behind the leakage, because a couple of months ago its members posted Guess on their website as a hacked company stating that they had stolen 200GB from the retailer in February.

According to Dirk Schrader, Global Vice President, Security Research at New Net Technologies, "There is a fairly large amount of unanswered questions in this breach notification and the event itself. Why sensitive personal information like SSNs or account details was stored in clear text is one of them. That some data sets were apparently incomplete indicates a lack in managing clean and lean data of its customers. Being stock listed, it will be interesting to read through filings for additional details and whether SEC will ask for more details. Measures to avoid such an incident, companies should make sure to have the essential controls in place."

Learn more about how to keep your data at rest safe and regularly checked