27.9.20

Ray‑Ban parent company reportedly suffers major ransomware attack

There is no evidence that cybercriminals were also able to steal customer data

 


Amer Owaida

Luxottica, the world’s leading eyewear producer, has allegedly fallen victim to a ransomware attack that affected its Italian and Chinese operations alike. The Italy-based eyewear giant – which boasts brands such as Ray-Ban, Oakley, and Persol in its portfolio as well as produces eyeglasses for fashion labels such as Burberry, Prada, Chanel, and Versace – appears to have been hit over the weekend.

Details of the alleged attack are not immediately clear, but according to BleepingComputer, customers began reporting that the company’s Ray-Ban, Sunglass Hut, LensCrafters, EyeMed, and Pearle Vision websites were down on Friday evening.

The site also quoted Italian security specialist Nicola Vanin, who confirmed the incident, but gave assurances that no data was stolen or leaked. Of late, a number of ransomware operators have indeed engaged in doxing – traversing their victims’ files looking for sensitive information, which they will then threaten to release unless they are paid an additional fee on top of the ransom.

RELATED READING: 5 ways cybercriminals can try to extort you

Meanwhile, a Luxottica employee claimed that the attack occurred on Sunday evening, affecting the company’s global operations, with some offices still reeling from the attack’s aftermath.

Per reports from the Italian press, Luxottica’s offices in Agordo and Sedico in the province of Belluno were experiencing IT problems, with employees receiving text messages that their shifts were suspended due to a “computer system failure”.

At the time of writing, all affected websites seem to be back up and running with no signs of the incident. The company itself has yet to comment on the issue.

Citing information from cybersecurity intelligence company Bad Packets, BleepingComputer wrote that Luxottica had a Citrix ADX controller device susceptible to the critical-rated CVE-2019-19781 vulnerability in Citrix devices.