SHEIN servers were breached by hackers and as a result of the intrusion sensitive data of over 6.4 million users was hijacked. The incident occurred between June and August 2018 according to the company statement. Our article sums up the available information on the incident.
Shein Infected With Malware, As a Result of the Infection Data of 6.4 Customers Was Hijacked
The SHEIN servers were breached by an unknown hacker or criminal collective, the available information shows that this happened this year between the months of June and August. The company states that the main cause is a targeted cyberattack on their main servers which resulted in the deployment of malware. The dangerous virus code accessed the stored customers data which includes their email address and encrypted passwords. It is estimated that this affects over 6.4 million of users that have used the online site.
As soon as the security staff discovered the threat they removed the backdoor access and mitigated the malware infection. At the moment the users are being notified of the impact and the company has started an investigation seeking to find out what caused the infection and who are the responsible groups behind the cyberattack.
This particular attack is merely yet another hit on major online retailers targeting data extraction of customers data. In most of the cases the hackers will seek to harvest the data in large databases which can either be abused further or sold to interested parties. A list of the possible actions taken on by the hackers against SHEIN customers include the following:
- Identity Theft — The fact that the hackers have extracted the email and encrypted password means that they can use it to acquire other personal information about the victims either manually or using automated software. Identity theft is a common crime among computer criminals and it can lead to various types of abuse that ultimately will have a very negative impact on the victims.
- Phishing Messages Creation — The email messages acquired through the hack can be used to coordinate large-scale phishing campaigns. They pose as legitimate messages sent by a company or service they use and the most common call to action is the deployment of a malware threat. In the last few months both miners and ransomware strains are the main weapons of choice.
- Blackmail — The victims can be blackmailed via email messages or other contact methods. The collected information information about them can be used to coerce the users into paying the criminals.
For more information you can access their statement here.