Popular U.S. based Online Fashion outlet SHEIN. Has announced a security breach last week that affected around 6.42 million of its user database. SHEIN has an AU arm meaning that if you have shopped on the popular site, you may have been affected by this breach. The North Brunswick-based company is currently in the process of contacting all affected users and asking them to change passwords and login credentials for their online accounts.
Founded in 2008, SHEIN has admitted that the company has suffered a significant breach to it’s data base after an unknown hacker stole personally identifiable information (PII), the hack has been deemed to have affected over 6.2 Million people.
During the investigation, SHEIN and its IT staff, as well as its cybersecurity investigators, will continue to closely monitor the network and servers so future breaches can be prevented. In addition, SHEIN servers have been scanned and malware found on the servers has been removed. “Back door” entry points to the servers opened by the attackers have been closed and removed.
If you’re uncertain about your server and device security, contact us.
What Did The Hackers Do?
“The perpetrators orchestrated a sophisticated cyberattack that breached the security protections in place and allowed them to access email addresses and encrypted passwords on the network,” the company said in a statement posted on its website.
Although details about the incident are scarce, the online retailer revealed that the malicious hackers managed to steal gain access to email addresses and encrypted password credentials for 6.42 million customers who registered on its website.
“While the full extent of the attack will continue to be investigated, it can now be confirmed that the personal information illegally acquired by the intruders included email addresses and encrypted password credentials of customers who visited the company website,” The statement said.
“It is our understanding that the breach began in June 2018 and continued through early August 2018 and involves approximately 6.42 million customers.” SHEIN continued.
The retailer says it hired a well-known forensic cybersecurity firm as well as an international law firm to help it investigate the incident further.
What Should I Do If I Shop With SHEIN?
The company has sent an email notification out to all of their data base with a link to change their credentials for the site. You can also find the “Edit Password” link under the “Account Setting” page.
If customers believe the attackers may have compromised their credit card information, the company urged them to directly contact their respective banks or credit card companies with any concerns.
For more information regarding the breach investigation and the actions SHEIN is taking to protect its customer information, you can contact the company at 844-802-2500, or visit its FAQ at www.shein.com/datasecurity.