Checkmate, Data Breach

Online chess is one of the classic, time-honored traditions of the digital age – and yet there haven’t been too many data breaches in that realm.  One made news a couple of years ago, and now another. 

Chess.com, the leading online chess platform, admitted that the personal data of thousands of users had been exposed in a recent data breach, via a system compromised by hackers.  Based on the report, this is another incident of a third-party vendor breach, in which an external system was exploited to checkmate the main company network.  Names and other personal information were exposed, resulting in notifications being sent out to players, albeit three months after the fact.

Moving from gaming to the world of high fashion, the French Kering group, owner of such brands as Gucci, Balenciaga, Brioni and Alexander McQueen, revealed a data breach of these names discovered in June.  Earlier this year we saw data breaches come to big brands like Harrods, Cartier and Louis Vuitton, so when we say every facet of society is now vulnerable to cybercrime, we do mean “every.” 

Cyberattacks from the ShinyHunters group (named after the Shiny Pokemon mechanic from that franchise) hit the brands to steal information from names and addresses to purchase histories.  The group claims to have taken 56 million customer records in two separate attacks, in which Gucci was hit twice.  No financial or credit card data seems to be at risk.  In response to Kering’s assurance that they notified authorities and consumers, however, the Information Commissioner’s Office denied receiving any such breach report.

Oddly enough, a message posted last week by ShinyHunters and their accomplices in the hacker group Scattered Spider, claims that the two cabals have fulfilled their mission and are going into retirement.  Industry experts are dubious.  Law enforcement efforts have led to several arrests in recent years, and feeling the heat can lead to fake retirements of this sort.  Why, just last month both groups made a similar statement on Telegram, only to create a new channel ten days later.  Nor have they deleted their channel this time or ceased posting, it seems.  

When your data is at risk, NetLib Security’s patented Encryptionizer solution is the key to protecting stored data from prying eyes.  By locking down your database, bad actors will find the sensitive data within unusable for their schemes.  Encryptionizer works across all environments – physical, virtual and cloud – with no additional programming required.

Cyber criminals have clearly left no industry unturned, and customers and companies alike must remain alert and not be tricked by false resignations.