Sign up for our newsletter
Technology / Cybersecurity

Lakeland attacked by cybercriminals

Homeware retailer Lakeland, basked in the UK, has asked its customers to change their passwords after being hacked.

The attack involved cybercriminals breaching two of the company’s encrypted databases.
In a statement on the company website, Lakeland admitted to discovering the breach on July 19, but said that until a full investigation is complete it is unclear if any data was stolen.

In an email sent to customers on July 23, Sam Rayner, managing director at Lakeland, stated: "We have decided that it is safest to delete all the customer passwords used on our site and invite customers to reset their passwords next time they visit the Lakeland site. Next time you log-in to your Lakeland account you will be asked to reset your password and provide a new one. It is not necessary to do this straight away, just the next time you want to use the account.

"We also advise, as a precaution, that if you use the same password on any other account/s, you should change the passwords on these accounts as soon as possible. We do not know for certain that the hackers succeeded in stealing data, however since there is a theoretical risk and because it is our policy to be open and honest with our customers, we are being proactive in alerting you.

White papers from our partners

"We deeply regret that this has occurred and apologise for the inconvenience caused.

"The security of our customers’ data is hugely important to us and we are devastated to have fallen victim to these criminals. This has occurred despite the best efforts of ourselves and the industry leading IT company that runs our website for us to use the best security systems available. We are committed to protecting our customers’ data and will continue to seek additional measures to ensure the integrity of our systems."

Rayner explained that Lakeland had been subjected to a sophisticated cyber-attack using a very recently identified flaw in the Java software used by the servers running our website, and indeed numerous websites around the world. This flaw was used to gain unauthorised access to the Lakeland web system and data.

"Hacking the Lakeland site has taken a concerted effort and considerable skill," he added. "We only wish that those responsible used their talent for good rather than criminal ends."

This article is from the CBROnline archive: some formatting and images may not be present.