Kitchenware store Lakeland suffered a cyber attack on Friday evening, where attackers were able to access two encrypted databases.
According to an email notification, hosted here by ThreatTrack Security, the company was not able to find any evidence that data was stolen, but as a precaution it has deleted all customer passwords used on its site and has invited customers to reset their passwords next time they visit the Lakeland site.
It said: “We deeply regret that this has occurred and apologise for the inconvenience caused. The security of our customers' data is hugely important to us and we are devastated to have fallen victim to these criminals. This has occurred despite the best efforts of ourselves and the industry-leading IT company that runs our website for us to use the best security systems available.
“We are committed to protecting our customers' data and will continue to seek additional measures to ensure the integrity of our systems.”
It went on to confirm that attack was achieved via a Java flaw in the website and it suspected that achieving this “has taken a concerted effort and considerable skill”. It said: “We only wish that those responsible used their talent for good rather than criminal ends.”
Dodi Glenn, director of security content management at ThreatTrack Security, said: “It is common practice to purge passwords in the event someone suspects a compromise of their database. While customers may be alarmed as is natural in these circumstances, Lakeland should work with the authorities to identify what information was leaked.
“Customers should have the right to know if their credit card numbers were stolen. Lakeland and others should take note that being proactive instead of reactive is the best approach, because brand reputation is priceless.”
Greg Day, VP and CTO EMEA at FireEye, said: “The Lakeland attack highlights some key issues that all companies need to be aware of: typically there is still the perception that advanced persistent threats (APTs) are aimed at government and global companies, this attack validates that all industries and market sizes are being targeted.
“With the depth and complexity of todays IT, organisations struggle to keep pace from a security perspective. Companies need to start looking at the problem from another angle: all too often we over focus on preventing attacks, but companies are starting to recognise that breaches will occur, which means we need to: understand the what, where and how and gather up the forensic data to identify the indicators of compromise that help us understand; gain insight into the who and why by looking at data such as the communications and call back points we can often glean some insight into the motive of the attacker; and accept that a compromise can happen, and start to look at what is an unacceptable loss.”