Japanese markets are reeling after Fast Retailing, owner of the country’s popular Uniqlo retail chain, announced that hackers gained unauthorized access to more than 460,000 customer accounts. The compromised data included personally identifiable information such as names, addresses, contact info, and partial credit card details.
“It was confirmed on May 10, 2019 that an unauthorized login by a third party other than the customer occurred on the online store site operated by our company,” the company wrote on its website (translation provided by Google).
“Although the number of targets and the situation may change according to the progress of the investigation, we will report the facts confirmed at present and our response situation.”
The company said that hackers fraudulently logged into their website using login details obtained from another breach — in other words, login credentials had already been compromised, and hackers were able to use those credentials to gain access to Fast Retailing’s databases.
Fast Retailing identified the breach when customers began contacting them after receiving emails from unrecognized websites; apparently, the hackers began using the stolen information soon after gaining access. The Tokyo Metropolitan Police Department has been informed of the attack, and Fast Retailing has reset the passwords for all of the affected accounts.
What Customers Should Do After Company Website Hacks
For most computer users, the frustration of massive website hacks comes from the feeling of powerlessness. In this case, Fast Retailing suffered the breach — and end users are suffering the consequences.
While the company is taking appropriate actions to respond to the attack, they’re certainly not the only company affected by substantial security issues in 2019. In January, password management company Blur announced unauthorized access to 2.4 million accounts. While users’ passwords weren’t compromised, that’s a small consolation to the victims. Later that month, security firm Check Point announced serious vulnerabilities in the video game Fortnite that could have compromised millions of player accounts.
These events emphasize the importance of good cybersecurity hygiene. To stay safe, keep these tips in mind:
- If you open an account online, assume that it will be compromised. As every new breach proves, a single point of failure presents plenty of opportunities for malicious actors.
- Use credit cards rather than debit cards when shopping online. A stolen debit card might prevent you from accessing available cash for days or weeks, but most credit cards have built-in features to protect user security and restore credit line access quickly.
- Use unique passwords for every website. Never reuse passwords, even when it seems convenient.
- Choose secure passwords. Use long passwords with a variety of characters. See our piece on building secure passwords for more tips.
- Change your password immediately after a breach. Never reuse a password that has been compromised.
If you’ve encountered a ransomware attack due to a data breach, or if you’re looking for more information for shoring up your organization’s IT security infrastructure, contact Datarecovery.com at 1-800-237-4200 and ask to speak with a security specialist.