360 Total Security Blog

Malware steals personal information from 6.4M SheIn customers

The famous online fashion retailer, SheIn.com, has notified its customers of a serious data breach after malicious hackers stole the details of more than 6.4 million people.

“On August 22, SheIn has noticed that personal information of its customers was stolen during a sophisticated criminal cyber attack on its computer network,” the retailer stated on its official website. The note, released on 21 September, indicates that as a result, the retailer said it hired a well-known forensic cybersecurity firm as well as an international law firm to help it investigate the incident further.

A data breach occurred between June and August 2018
“It is our understanding that the breach began in June 2018 and continued through early August 2018 and involves approximately 6.42 million customers. SHEIN may update this information at a later date based on any new findings.”

SheIn said that the breach is associated with a cyber attack on its computer network that caused a malware being planted on its servers.

“Our investigation has confirmed that the perpetrators gained access to email addresses and encrypted password credentials of customers who registered on the company website,” SheIn said in its official statement, stressing that there is no evidence that credit card information was stolen. “SheIn typically does not store any credit card information on its systems,” reassured the company.

SheIn has asked its users to change their passwords and has notified anyone they believe could have been affected.

Reminder
SheIn is not the first fashion website to suffer at the hands of hackers. Also, SheIn would not be the last victim being attacked by malware. 360 Total Security Team would like to recommend our users that do not use weak password when creating an online shopping account. Users should also change their passwords regularly to keep their credentials safe.