Another Week, Another Hack: Guess


Welcome to the latest installment of “Another Week, Another Hack,” where we’ll do a quick dive into yet another cyber security incident. This week a prominent fashion brand was hit, and I’ll give you one guess as to who it was… Well? Yes, that’s right, it was none other than the famous Guess brand.

 

So they’ve now confirmed data breaches in which the cybercriminals walked off with quite a bit of confidential data including social security numbers, contracts, passwords, payment details, and a bunch of other stuff no one wants floating out there.

 

They were breached earlier this year, and the hackers were lurking on their networks for quite some time until they were able to gain access to this confidential data. Reports are stating that the breach occurred sometime in February this year and affected individuals were just recently notified. The details are still not completely clear, but a forensic investigation in May revealed that some personal information may have been accessed by unauthorized parties. Individuals whose information was potentially breached have been subsequently notified.

 

The potentially affected individuals are getting free credit monitoring, which I guess is better than nothing? No official numbers, but we’re hearing roughly 1,300 possible victims. Guess will reportedly be beefing up information security after this incident. I suppose that’s a good idea, right?

 

Guess hasn’t revealed much else, but the DarkSide Gang lists Guess on their leaks site, so they might have been the perpetrators of the attack. This is the same bunch who took down the Colonial Pipeline earlier this year, so check out that video if you haven’t had the chance. Guess also claims the breach didn’t have any impact on their operations.

 

So with little public information, we can deduce a few things.

 

  1. They either caught the breach fairly early, or it was limited to just a couple of systems that had weaker security. That’s good news. Their IT team was likely on the ball, but even the best of us could see something like this slip through the cracks.
  2. Any compromised data was backed up. If this didn’t affect their operations, then the affected computers were either minimally used or were fairly easily restored from backups. They might have even had some advanced business continuity setup.
  3. The company took the right steps in addressing this incident and notifying the potentially affected individuals. It’s a safe bet that they’ll be taking on an even stronger information security posture going forward.

 

All in all, not the worst possible outcome. Look, nobody wants to get compromised, but it seems like they managed to neutralize this threat before it went widespread. Guess they were pretty on the ball, right?

 

So what precautions can you take to further protect yourself from something like this happening to you? I’ve got the three big ones to consider:

 

  1. Keep your systems patched and up to date. Older, dated operating systems and applications are some of the biggest security threats out there. Up-to-date systems are far less likely to be compromised.
  2. Use next-generation firewalls and antivirus. Now, based on the outcomes here, Guess likely did have at least some of these in place. These tools will, in most cases, identify and block threats before they can cause widespread damage. They’ll even detect and isolate threats in real time, with a live Network Operations Center keeping an eye on events as they happen. Tools like SentinelOne, Huntress, Todyl, and others can be particularly effective in preventing attacks as they happen.
  3. Consider not self-hosting outside-facing servers. No matter how good your infosec team is, you’re not Google, Microsoft, or even an average hosting company with an extremely vested interest in keeping security as tight as possible.

 

Well, that wraps up this edition of “Another Week, Another Hack.” I’d love to hear about what you think in the comments below. Do you have any questions about what companies can do to better secure their environments? Remember to like and subscribe, and I’ll catch you on the next one!