Levi Strauss resets 72,000 passwords due to data breach
Jeans manufacturer Levi Strauss has informed over 72,000 customers that their password has been reset because of a cyber attack.
In a notice addressed to affected customers, the company says employees detected suspicious activities on their accounts. An investigation showed that unknown parties launched ‘an automated cyber attack’ in order to access the accounts.
The security incident is associated with a credential stuffing attack, meaning that threat actors obtained usernames and passwords from other sources. This information is then used by a bot to test these credentials against other websites.
Because people tend to use the same login credentials across multiple websites and online platforms, it’s easy for an unauthorized person to gain access to and take over control of online accounts.
This all happened on Thursday June 13. As a precaution Levi Strauss decided to deactivate the login credentials of 72,231 customers.
According to the company, full names, email addresses, stored addresses, order history and partial information of credit cards and banking cards may have been viewed by the attackers. The jeans manufacturer says there are no signs that any fraudulent purchases were made.
Levi Strauss emphasizes its security detection tools worked as they should have, and continues to evaluate and identify improvements to strengthen the security of its website. The company recommends affected customers to check their personal information on their account and use a unique and strong password for other online accounts.
Victims may use identity theft and fraud alert services for a year from a major credit bureau, free of charge.
Your email address will not be published. Required fields are marked