Fashion retailer SHEIN revealed data breach that affected 6.4M users

by Lucia Danes

SHEIN reported that millions of customers' data was breached after a successful cyber attack


On the 21st of September, the US-based fashion retailer SHEIN announced[1] that unidentified hackers managed to access the personal data of 6.42 million users. The company revealed that the breach lasted from June until August 22, and that the stolen data included customers' email addresses and encrypted passwords.

After becoming aware of the cyberattack, the fashion retailer immediately contacted forensic investigators and law enforcement. Internal and external IT specialists are currently analyzing the breach, while the company is urging users to change their passwords and claims that the website is now safe to use:

The site is safe to visit. At this time, SHEIN is requesting that all customers reset their passwords by clicking the link on the email notification from SHEIN or logging into their account on this website and clicking the “Edit Password” link under the “Account Setting” page to immediately protect their accounts. After completing the password reset process, customers should feel safe and confident about making purchases.

SHEIN is a fashion retailer which is based in North Brunswick and was founded in 2018. According to the company, it sells affordable and trendy clothes for women and ships to more than 80 countries.

Magecart does not seem to be involved this time

As the investigation of the incident is ongoing, no exact details were provided. The full extent of the attack is still not known, but SHEIN said that, apart from email addresses and encrypted passwords, bad actors did not manage to reach users' financial information:

We have seen no evidence that your credit card information was taken from our systems and SHEIN typically does not store credit card information on its systems. If you believe your credit card information may have been compromised, we urge you to contact your bank or credit card company with any concerns. If you have information to share with us about a problem, we encourage you to reach out to +44 800-802-1077.

Because the company does not store credit card details on its own systems and they are stored on external servers, it is safe to say that the breach only affected internal networks.

A series of large data breaches involving major companies like British Airways,[2] Ticketmaster and Newegg[3] occurred in recent months. These incidents were primarily connected to the hacking group Magecart, which runs a sophisticated credit card skimming campaign.[4] Since no credit card details were stolen, it is safe to say that the infamous group is not connected to the SHEIN data breach.

All SHEIN customers should take immediate action to secure their private data

Personally identifiable information is extremely valuable on the black market, and, while one email address might sell for as little as $1,[5] selling millions of accounts can bring hackers a substantial financial gain. This compromised data can later be used for illegal purposes like identity theft.

Therefore, customers who were buying merchandise from SHEIN between June and August 22nd should take action immediately: change their passwords using the link provided in the email notification sent by the company or by accessing their Account settings online.

Additionally, those who believe that their financial data might have been compromised should contact their banks and block their account.

About the author

Lucia Danes - Virus researcher

Lucia is a News Editor for 2spyware. She has long experience working in the malware and technology fields.


References