Man in hoodie typing on a laptop, the screen shows

Luxury fashion brand Moncler hit by ransomware attack and subsequent data breach

Luxury fashion brand Moncler has confirmed it was the victim of a ransomware attack in late December 2021, which subsequently led to data being leaked onto the dark web.

In a press release confirming the incident, Moncler said it had rejected a ransom demand, which subsequently led to stolen data being leaked onto the dark web.

Moncler also published a statement on its website.

What data was stolen?

Included in the data breach and leak was information from:

  • Current and former Moncler employees
  • Some suppliers, consultants and business partners
  • Some customers

Moncler said it doesn’t store payment data, so no details of this nature were compromised. However, the company didn’t provide any additional details on the stolen data, nor did it say whether the variety of data stolen was enough to enable criminals to commit identity theft.

It is claimed that the AlphV/BlackCat cybercrime group was behind the attack. The group is fairly new to cybercrime and only launched its so-called “Ransomware-as-a-Service” (RaaS) operation in early December 2021.

Attackers data leak site highlights ransom demand

The attackers established a data leak site, which sheds further light on what was stolen and highlighted the ransom demand of $3 million (£2.2 million).

Based on what has been published, the stolen data includes:

  • Moncler earning statements
  • Spreadsheets containing customer details
  • Invoices

According to reports, the hackers are apparently holding onto another trove of data relating to Moncler’s “rich customers” and are looking to sell this to a willing buyer.

Moncler apologises but doesn’t say how the attack happened

Moncler has apologised to affected customers and others impacted by this ransomware attack and subsequent data breach. It also said it had notified the relevant law enforcement agencies and all affected individuals as soon as it became aware of the data breach.

Moncler provided no further information about what led to the attack, how it happened, or whether any endpoints or other parts of its operation were compromised with malware.

Moncler’s press release also warned potential buyers of the stolen data that they too would be committing a criminal offence – although it’s questionable if that would prove a true deterrent to any individual or group determined to commit fraud.

The warning read: “Moncler reminds that all information in the possession of cybercriminals is the result of illegal activities and that consequently, the acquisition, use and dissemination of the same constitutes a criminal offense.”


Get in Touch

Fill in the form below to tell us your details, and we’ll get started.