Saturday, June 12, 2021

U.K. kitchenware chain target of ‘sustained’ attack

Sixty-store British kitchenware chain Lakeland Ltd. has been the target of a “sophisticated and sustained cyberattack, the company told customers in an e-mail message.
 
While it was unclear whether the attackers had stolen any personal information on customers, they did manage to access two encrypted data bases.
 
RELATED CONTENT
Time to beef up federal privacy law, says Stoddart

The company deleted customer password data and told users to reset their passwords on their next visit. The company also warned users to change their passwords on other sites if they used the same password.
 
“Hacking the Lakeland site has taken a concerted effort and  considerable skill,” the company wrote to customers. “We only wish that those responsible used their talent for good rather than criminal ends.”
 
The attack exploited a recently discovered vulnerability in the company’s server-side Java software, though it did not identify the vulnerability.
 
“Quite what Java vulnerability Lakeland is referring to isn’t currently clear, but add it to the pile of reasons (if you needed any more) why you probably want to keep as far away from that vulnerability-ridden technology as possible,” wrote security consultant Graham Cluley in his blog.
 
 

Would you recommend this article?

0
0

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
IT World Canada Staff
IT World Canada Staffhttp://www.itworldcanada.com/
The online resource for Canadian Information Technology professionals.

Related Tech News