On Wednesday morning, Brendon Gyermekáruház Kft. Informed its customers by e-mail that its system was affected by a cyber attack. As a result, not only did user accounts and online shopping become inaccessible for a while, but attackers also had access to user data.
On Wednesday morning, Brendon Gyermekáruház Kft. Informed its customers by e-mail that its system was affected by a cyber attack. As a result, not only did user accounts and online shopping become inaccessible for a while, but attackers also had access to user data.
The company writes as early as December 19, it was detected that the IT system had been hit by a cyber attack. According to the investigation, the attack was carried out using Zeppelin-type software, which also penetrated the firewall and the anti-virus system. As they write,
the blackmail virus then encrypted certain files so that they could not access the server data. The attacker demanded a sum of money in an email to decrypt it.
As a result, the web store shut down, so shoppers could not access it, could not access their user account, could not order, and lost goods previously in the cart.
Attackers could gain access to the personal information you provide, such as your name, password, email address, telephone number, and shipping address. It is important to note that bank card data was not accessible to attackers, and our system will continue to be fully protected in this respect.
- can be read in the e-mail sent by the company. Because of this, the passwords you have used so far have been disabled and everyone is being asked to set a new one for themselves as soon as possible.
Customers can find out about their involvement and data at [email protected] and at +36 70 339 7000.
The case was reported to the National Data Protection Authority on 22 December and a report was made against the unknown perpetrator. Depending on this, however, it is strange why the company only informed customers about the attack and the alleged data leak on the 11th day after the attack. On December 20, the company wrote on Brendon Hungary's Facebook page that the site is not available due to technical reasons, and they are working to correct the error, which can be fixed by December 24.
The information letter concludes that the damage assessment and recovery are ongoing. In addition, the company is implementing several security enhancements to reduce the chances of future incidents.
Update : On December 31, the company sent the following announcement to our editorial office.
We tried to send you the notifications as quickly as possible in the circumstances. The essence of the attack was precisely to make our IT system inoperable. We needed the involvement of an external IT expert to deal with the consequences of the attack. In parallel, we have been working to ensure that, despite the holidays, we also carry out official announcements and serve our customers in full. Furthermore, we needed time to see through the problem and provide our customers with the fullest possible information. We apologize to our customers and thank you for your understanding!
The company writes as early as December 19, it was detected that the IT system had been hit by a cyber attack. According to the investigation, the attack was carried out using Zeppelin-type software, which also penetrated the firewall and the anti-virus system. As they write,
the blackmail virus then encrypted certain files so that they could not access the server data. The attacker demanded a sum of money in an email to decrypt it.
As a result, the web store shut down, so shoppers could not access it, could not access their user account, could not order, and lost goods previously in the cart.
Attackers could gain access to the personal information you provide, such as your name, password, email address, telephone number, and shipping address. It is important to note that bank card data was not accessible to attackers, and our system will continue to be fully protected in this respect.
- can be read in the e-mail sent by the company. Because of this, the passwords you have used so far have been disabled and everyone is being asked to set a new one for themselves as soon as possible.
Customers can find out about their involvement and data at [email protected] and at +36 70 339 7000.
The case was reported to the National Data Protection Authority on 22 December and a report was made against the unknown perpetrator. Depending on this, however, it is strange why the company only informed customers about the attack and the alleged data leak on the 11th day after the attack. On December 20, the company wrote on Brendon Hungary's Facebook page that the site is not available due to technical reasons, and they are working to correct the error, which can be fixed by December 24.
The information letter concludes that the damage assessment and recovery are ongoing. In addition, the company is implementing several security enhancements to reduce the chances of future incidents.
Update : On December 31, the company sent the following announcement to our editorial office.
We tried to send you the notifications as quickly as possible in the circumstances. The essence of the attack was precisely to make our IT system inoperable. We needed the involvement of an external IT expert to deal with the consequences of the attack. In parallel, we have been working to ensure that, despite the holidays, we also carry out official announcements and serve our customers in full. Furthermore, we needed time to see through the problem and provide our customers with the fullest possible information. We apologize to our customers and thank you for your understanding!
