Louis Vuitton, owned by French giant LVMH, is the latest retailer to suffer a cyber-breach in a recent flurry of attacks that previously compromised Marks & Spencer, the Co-Op, and others. The cybercriminals have accessed Louis Vuitton’s customer data not only in the UK but also in Turkey and Korea. According to Louis Vuitton, the hackers were sitting on its systems for a full month before the intrusion was discovered.
“While our investigation is ongoing, we can confirm that no payment information was contained in the database accessed. We are working to notify the relevant regulators and affected clients in line with applicable law,” says Louis Vuitton.
As yet, the identity of the criminal group has not been revealed. But a group referred to in the media as Scattered Spider is thought to have been responsible for the previous retail attacks, and some cybersecurity analysts think it is likely that the same group may be responsible for the Louis Vuitton breach. However, ‘Scattered Spider’ is only a name given to the group by cybersecurity analysts. The members of the group, which is composed of thousands of teenage hackers in the US and the UK, refer to themselves as “The Community”, or “The Com” for short, and they resemble a traditional cybersecurity gang less than they do a teenage sub-cult.
The group responsible is particularly dangerous
The modus operandi used by the group is particularly dangerous, as it completely bypasses standard cyber-defenses. The youthful hackers use social engineering to conduct their research to identify specific key employees or discover the weakest link in the company’s supply chain.
The widespread availability of Ransomware-as-a-Service malware (RaaS), supplied by groups such as BlackCat working out of Russia, enables even youngsters with limited computer skills to deploy highly sophisticated malware with ease. However, the real skillset possessed by American and British teenagers is that they speak English and are familiar with Western culture, enabling them to pretend to be from the in-house helpdesk. The same targeted staff members would be likely to be suspicious of, for instance, a Russian voice on the line.
Nor does the group confine its attacks to retail organizations; the Australian airline Qantas was recently the victim of a socially-engineered supply-chain attack by members of The Community. Other members of the growing sub-cult are also known to have previously hacked into companies including MGM, Microsoft, Nvidia, and Electronic Arts.
