Do you love buying your clothes online? Online shopping can be convenient and fun, but there’s a downside — with the frequency of data breaches occurring these days, your information is at constant risk from hackers and identity thieves.
Website hacks and compromised point-of-sales seem to occur on a regular basis and the next big cyberattack is just around the corner.
Take this newly revealed data breach, for instance. If you shopped for clothes here recently, there’s a good chance that hackers now have your personal information.
Read on and learn more about the latest data breach that’s affecting millions of this online clothing shop’s customers.
SHEIN data breach
Women’s online fashion store SHEIN has announced recently that its servers were recently breached with a sophisticated criminalcyberattackthat leaked the confidential information of around 6.42 million customers.
Free digital life and tech tricks to make you smarter
Learn the tech tips and tricks only the pros know.
The company confirmed the hackers managed to snag personal information including email addresses and the encrypted passwords of customers who visited its website between June 2018 and earlyAugust 2018.
However,SHEIN claims that they haven’t seen evidence that credit card information was taken from their systems during the breach since it doesn’t store that type of data on its servers.
Immediately upon becoming aware of thebreach, SHEIN revealed that it hired a leading international forensic cybersecurity firm and an international law firm to conduct a thorough investigation.
However, SHEIN also admitted in its advisory that it became aware of the breach on Aug. 22. Why it waited almost a month to inform its customers is a bit troubling to us.
Fun fact: SHEIN was established in 2008 by a small group of entrepreneurs fromNorth Brunswick, New Jersey.
What happened?
According to SHEIN’s security advisory, the attackers managedto breachits security protections and plant malware on its servers.
The company did not specify the type of malware that was involved in the cyberattackbut it wrote that the affected SHEIN servers have been scanned and the malware has been removed. The server backdoors and entry points used by the hackers have also been closed and removed.
The investigators and SHEIN’s IT department will continue to closely monitor their network and servers to prevent similarbreaches in the future.
What now?
SHEIN is now in the process of notifying affected customers and the proper authorities about the cyberattack.
Customer notices are now being sent via email that provide instructions on how to reset account passwords via SHEIN’s website.
Customerscan also log into their account on SHEIN’s website, visit “Account Settings” then click the “Edit Password” link to immediately to protect their accounts.
Although there is no evidence that credit card information was stolen, SHEIN is urging its customers to contact their bank or credit card company if they notice any suspicious activity on their payment cards.
SHEIN is also offering a year’s worth of identity theft monitoring services to affected customers. Contact SHEIN at844-802-2500 for more information.
Hackers are becoming more dangerous than ever
It’s easy to become complacent as we get news of yet another data breach each day. But the truth is tens of millions of hackers are launching billions of online attacks to get your information. Kim Komando tells you who the worst offenders are.
What to do after a data breach?
Whenever a data breach like this occurs, there are standard security steps that we should all take to protect our accounts.
- First, you should already be frequently checking your bank statements, looking for suspicious activity.If you see anything that seems strange, report it immediately to your bank. It’s the best way to keep your financial accounts safe.
- Scammers will try and piggyback on data breaches like this. Beware of phishing scams that pretend to be from SHEIN.
- It’s also a good time to audit your online accounts and passwords. This is especially true if you use the same credentials for multiple websites.
- Lastly, if you think you are already compromised, put acredit freezeon your accounts as soon as you can.
Tap or click here for detailed tips on how to improve your online security.
FAQs
At the time, Shein said that the names, email addresses, and "encrypted password credentials" of "approximately 6.42 million customers" had been stolen by hackers who had planted malware onto its servers.
How many customers leave after data breach? ›
According to PCI Pal's recent survey: In the US, 83% of consumers claim they will stop spending with a business for several months in the immediate aftermath of a security breach, and over a fifth (21%) of consumers claim they will never return to a business post-breach.
How does a data breach impact customers? ›
When a data breach happens, people lose faith in the company. This causes them to question whether they should continue doing business with the company. They may stop trusting the company completely and instead choose to do business elsewhere. This loss of customer confidence can have long-lasting effects.
What was the business impact of the data breach? ›
Managing Cyber Risk
For example, 60% of organizations that have experienced data breaches have raised their prices. On average, companies experiencing a significant data breach incident underperform the NASDAQ by 8.6% after one year, and this gap can widen to 11.9% after two years.
How much did Shein get fined for data breach? ›
The owner of fast-fashion site Shein has been fined $1.9m (£1.69m) over its handling of a data breach. Login details for 39 million Shein accounts were stolen in 2018 after its parent company, Zoetop, was targeted by hackers.
How many people have been affected by a data breach? ›
The report found that 49.6 million Americans were affected by breaches in 2022, which actually represents a drop from 53.4 million in 2021. Still, the impact of breaches has grown substantially in recent years.
How many people were affected by the largest data breach? ›
Yahoo. Hackers stole account and personal information impacting 3 billion user accounts in 2013, though hackers did not get credit card and bank account data. At the time, it was the largest-ever disclosed data breach.
Can customers sue for data breach? ›
Following a data security incident, consumers may be able to bring a lawsuit against a company that negligently stored, maintained or transferred their information. If your information was compromised in a data leak, it is essential you understand what is at risk.
Who gets affected by data breach? ›
Breach impacts
Data breaches hurt both individuals and organizations by compromising sensitive information. For the individual who is a victim of stolen data, this can often lead to headaches: changing passwords frequently, enacting credit freezes or identity monitoring, and so on.
What are two major impacts of data breach? ›
A data breach can easily result in identity theft when sensitive information is exposed to unauthorised individuals. Hackers can use this information to steal a person's identity and commit fraudulent activities, such as opening new accounts or making unauthorised purchases.
Data breaches can affect the brand's reputation and cause the company to lose customers. Breaches can damage and corrupt databases. Data breaches also can have legal and compliance consequences. Data breaches also can significantly impact individuals, causing loss of privacy and, in some cases, identity theft.
How many businesses go out of business after data breach? ›
According to the US National Cyber Security Alliance, 60% of small businesses that suffer a cyber attack go out of business within half a year. That's right—if a cyber criminal successfully breaches your small business's data, then odds are that your business will have to shutter within just six months.
Which company had the largest data breach? ›
The 15 biggest data breaches of the 21st century
- 1. Yahoo. Date: August 2013 Impact: 3 billion accounts. ...
- Aadhaar [tie with Alibaba] ...
- Alibaba [tie with Aadhaar] ...
- LinkedIn. ...
- Sina Weibo. ...
- 6. Facebook. ...
- Marriott International (Starwood) ...
- 8. Yahoo.
If you think your package may have been stolen, you'll need to reach out to SHEIN directly. Start by visiting SHEIN support here within 45 days of your expected order date. From here, you'll be connected to a customer service chat bot that will either connect you to a customer service rep or let you submit a ticket.
Does Shein mishandle customer data? ›
On October 12, 2022, New York Attorney General Letitia James fined Zoetop Business Company, Ltd. (“Zoetop”), the owner of fast-fashion brands SHEIN and ROMWE, $1.9 million for mishandling a 2018 data breach and lying to the public about the scope of the breach.
Did Shein steal artist work? ›
Shein violated the RICO Act by stealing people's designs, a lawsuit says Three artists are accusing the e-commerce giant of selling exact copies of their designs on its website. Shein has faced similar accusations before.
How many percent of the customers move business to a competitor after a data breach? ›
The Relationship Between Data Breaches and Reputation
A Centrify study found that 65 percent of data breach victims lost trust in an organization as a result of the breach. IDC found that 80 percent of consumers in developed nations will defect from a business if their information is compromised in a security breach.
What is the 72 hour rule for data breach? ›
As noted above, the NCUA deliberately incorporates CIRCIA's requirement that covered entities provide notification of a reportable incident not later than 72 hours after an entity "reasonably believes" that such an incident has occurred.
