On Thursday, a popular discount footwear chain Shoezone, with hundreds of locations across the UK, filed a cyber breach notice with the London Stock Exchange.
The high volume retailer reported that “certain online systems and data had been accessed without authorization, making it the subject of a cyber incident.”
Although light on particulars, the organization said “on becoming aware of the incident, Shoezone “found a way prompt ways to stop the unapproved access to its frameworks and information” already established security protocols.
The company’s site stays functional, and exchange dealings with customers and providers were not intruded on, as per the notification.
“Shoe Zone is one of the UK’s biggest footwear retailers, so this attack will cause serious concern for many of its customers, particularly if their information has been stolen, said Cassius Edison, head of professional services at Closed Door Security.
Edison additionally noticed that despite the fact that Shoezone said it doesn’t expect to be materially impacted, “we have consistently seen things can change rapidly in breach forensics, so it might be some time before we know the full extent of this incident.”
Shoezone didn’t uncover what data might have been accessed, for sure assuming that any information was stolen in the breach, however said it takes “the security of clients data very seriously and is committed to protecting clients individual information.”
Cybernews has connected with the footwear chain and is awaiting a response.
Headquartered in Leicester, Shoezone is one of the biggest shoe chains in the UK, distributing in excess of 800,000 sets of shoes each week, as per its website.
The company operates at least 330 retails stores in the UK, including 44 big box stores, lists over 2,500 employees, and has annual revenue of around £75 million.
Customer, employee data most likely compromised
“At this stage, details into this incident are sparse, yet given the organization has informed the ICO regarding the breach, this proposes individual information of either employees or clients has been affected, said Brian Boyd, head of technical delivery at i-confidential.
Nonetheless, Boyd also pointed out that it isn’t clear “how the organization has been influenced, and whether the occurrence was brought about by an insider or a cybercriminal looking to financially benefit from the attack.”
The retailer published a notice on its website for customers concerned about their data being stolen by hackers, stating that any affected persons will be notified as appropriate and per applicable rules.
“In the rare occasion that your information has been involved in a data breach you will be contacted,” Shoezone said. Meantime, the company recommends customers the following steps for security purposes:
Check bank accounts for suspicious activity
Inform your bank/credit card providers
Change your Shoe Zone Account password
Edison says as a precaution, while Shoe Zone is investigating the incident, clients shouldn’t just refresh their passwords for their Shoezone online records, yet some other records utilizing a similar password.
“With cybercrime being a particularly major threat to organizations today, groundwork for attacks is fundamental,” Edison said. On June 19th, Shoezone had reported its website down, however its not satisfactory the reason of the outage.
