FatFace paid £1.45m ransom to cyber hackers behind January attack


FatFace paid £1.45m ransom to cyber hackers who put customer and employee details at risk in attack triggered by a dodgy email

  • FatFace told shoppers and staff last week their details had been hacked 
  • At-risk information included names, addresses, bank details and NI numbers
  • The attack took place on 17 January and used ransomware to lock its systems
  • FatFace did not deny its systems were accessed as a result of a phishing email 

The ‘sophisticated criminal attack’ against the clothing retailer FatFace which put employees’ bank details and National Insurance numbers and the personal details of customers at risk was caused by a staff member clicking on a dodgy email, it has been reported.

The chain was forced to pay out a £1.45million ransom to hackers after it was hit by a malware attack in mid-January which locked it out of its systems and harvested 200GB of data, Computer Weekly reported.

Hackers initially asked for $8million, around £5.8million, worth of bitcoin, the website said, but the price was talked down after the 200-store chain argued its sales had slumped by as much as 75 per cent due to the coronavirus pandemic shutting its shops.

Ransomware is a type of malware used to deny companies and individuals access to their systems until a ransom is paid or a task carried out in return for stolen data

Ransomware is a type of malware used to deny companies and individuals access to their systems until a ransom is paid or a task carried out in return for stolen data  

The report did not say when the ransom was paid, but the software attack took place on 17 January, the same day FatFace told customers and past and present employees last week it had ‘identified some suspicious activity within its IT systems’.

But Computer Weekly said FatFace’s network had been compromised a week earlier, when hackers ‘entered its network via a phishing attack.’

Ransomware, a type of malware which locks companies and individuals out of their systems until a fee is paid or a quid pro quo carried out, is frequently deployed through phishing emails, according to the National Cyber Security Centre.

‘These emails encourage users to open a malicious file or click on a malicious link that hosts the malware.’

Such emails and text messages…

Source…