Security
Online fashion store SHEIN announced a security breach last week that affected around 6.42 million of its customerbase. The North Brunswick-based company is currently in the process of contacting all affected users and asking them to change passwords for their online store accounts.
The company says the breach occurred over the summer, sometime in June, when hackers carried out "a sophisticated criminal cyberattack on its computer network."
Also: Best Home Security Devices for 2018 CNET
No technical details were provided about how the actual breach went down, but SHEIN said the intruders managed to gain access to customers' email addresses and encrypted passwords for its online store accounts.
The company discovered the incident on August 22, according to a press release SHEIN circulated on Friday, September 21.
"We have seen no evidence that your credit card information was taken from our systems and SHEIN typically does not store credit card information on its systems," the company said in an advisory posted on its website.
Also: Why 31% of data breaches lead to employees getting fired TechRepublic
The retailer says it hired a well-known forensic cybersecurity firm as well as an international law firm to help it investigate the incident further.
By the way SHEIN described the incident, this breach doesn't appear to be related to the recent wave of Magecart hacks --incidents where hackers placed card-stealing code inside the JavaScript files of legitimate sites.
Magecart hacks have been recently reported by Ticketmaster, British Airways, Feedify, ABS-CBN, Newegg, but also Hats.com, TechRabbit, Title Nine, and Stein Mart.
SHEIN, also spelled SheIn, is a US-based online store dedicated to women's fashion. The company was founded in 2008, and it currently ships to over 80 countries all over the world.
These are 2018's biggest hacks, leaks, and data breaches
Previous and related coverage:
What is malware? Everything you need to know
Cyber attacks and malware are one of the biggest threats on the internet. Learn about the different types of malware - and how to avoid falling victim to attacks.
Security 101: Here's how to keep your data private, step by step
This simple advice will help to protect you against hackers and government surveillance.
VPN services 2018: The ultimate guide to protecting your data on the internet
Whether you're in the office or on the road, a VPN is still one of the best ways to protect yourself on the big, bad internet.
Five computer security questions you must be able to answer right now
If you can't answer these basic questions, your security could be at risk.
Critical infrastructure will have to operate if there's malware on it or not
Retired US Air Force cyber-security expert shares his thoughts on the future of critical infrastructure security.
Ordinary Wi-Fi devices can be used to detect suspicious luggage, bombs, weapons
Researchers turn ordinary WiFi devices in rudimentary scanners that can identify potentially dangerous objects hidden inside bags or luggage.
Related stories:
- Nasty piece of CSS code crashes and restarts iPhones
- FragmentSmack vulnerability also affects Windows, but Microsoft patched it
- Data breaches affect stock performance in the long run, study finds
- Why the 'fixed' Windows EternalBlue exploit won't die
- AdGuard resets all user passwords after credential stuffing attack
- Twitter notifies users about API bug that shared DMs with wrong devs
- Wendy's faces lawsuit for unlawfully collecting employee fingerprints
- Canadian retailer's servers storing 15 years of user data sold on Craigslist
- US ISP RCN stores customer passwords in cleartext