Over 72,000 Levi’s customers have had their accounts compromised in a credential stuffing attack, according to a notice published by the Maine Office of the Attorney General (OAG). The incident was detected on June 13.
A breach notice detailed an “unusual spike in activity” on Levi’s website that day. Levi’s subsequent investigation indicated it was a credential stuffing attack, where attackers used compromised credentials obtained from third-party data breaches to access accounts on www.levis.com. Levi’s clarified that they were not the source of the compromised credentials.
In response, Levi’s forced a password reset on June 13 for all user accounts accessed during the attack. The notice emphasized that attackers could have viewed order history, names, emails, stored addresses, and partial payment information (last four digits of card numbers, card types, and expiration dates). However, the company stated that no fraudulent purchases appeared to have been initiated using this information due to the secondary authentication required for transactions.
Levi’s advised affected customers to change their passwords for other online accounts, recommending the use of strong and unique passwords as a defense against credential stuffing threats.
Emily Phelps, Director, Cyware:
“The sensitive nature of customer data and the potential risks associated with its compromise underscores the critical need for robust cybersecurity measures in the retail industry. Modernizing security operations and operationalizing threat intelligence sharing are pivotal in defending against such threats. Ensuring the security of customer information is paramount, and adopting advanced cybersecurity practices is essential in safeguarding trust and maintaining resilience against evolving cyber adversaries.”
While companies need to do better to protect customer data, I have to point out that credential stuffing attacks only work because people use the same passwords on different sites. Thus user education needs to be part of the solution so that this is an attack vector that disappears.
Like this:
Like Loading...
Related
This entry was posted on June 26, 2024 at 8:06 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
72,000 Levi’s Accounts Pwned Via A Credential Stuffing Attack
Over 72,000 Levi’s customers have had their accounts compromised in a credential stuffing attack, according to a notice published by the Maine Office of the Attorney General (OAG). The incident was detected on June 13.
A breach notice detailed an “unusual spike in activity” on Levi’s website that day. Levi’s subsequent investigation indicated it was a credential stuffing attack, where attackers used compromised credentials obtained from third-party data breaches to access accounts on www.levis.com. Levi’s clarified that they were not the source of the compromised credentials.
In response, Levi’s forced a password reset on June 13 for all user accounts accessed during the attack. The notice emphasized that attackers could have viewed order history, names, emails, stored addresses, and partial payment information (last four digits of card numbers, card types, and expiration dates). However, the company stated that no fraudulent purchases appeared to have been initiated using this information due to the secondary authentication required for transactions.
Levi’s advised affected customers to change their passwords for other online accounts, recommending the use of strong and unique passwords as a defense against credential stuffing threats.
Emily Phelps, Director, Cyware:
“The sensitive nature of customer data and the potential risks associated with its compromise underscores the critical need for robust cybersecurity measures in the retail industry. Modernizing security operations and operationalizing threat intelligence sharing are pivotal in defending against such threats. Ensuring the security of customer information is paramount, and adopting advanced cybersecurity practices is essential in safeguarding trust and maintaining resilience against evolving cyber adversaries.”
While companies need to do better to protect customer data, I have to point out that credential stuffing attacks only work because people use the same passwords on different sites. Thus user education needs to be part of the solution so that this is an attack vector that disappears.
Share this:
Like this:
Related
This entry was posted on June 26, 2024 at 8:06 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.