Homeware Giant Is Subject To Cyber Attack

It’s not just small businesses and personal users who need to keep an eye on their internet security – a recent revelation from homeware giant Lakeland has revealed that the company was subject to a cyber-attack.

Described as a ‘sophisticated cyber-attack’ by BBC News, two databases were accessed by hackers despite the fact that both were encrypted. Exactly what data these databases contained has not yet been revealed.

Speaking of the attack, a spokesperson for the retailed noted: “We discovered that the Lakeland website was being attacked by hackers in a sophisticated and sustained attack. Immediate action was taken to block the attack, repair the system and to investigate the damage done and this investigation continues,” as told by The Register.

A swift reaction

Following the discovery of the security issue, Lakeland worked round the clock to rectify it, keeping customers in the loop at all times.

In a move which has been lauded by retail and IT experts across the country, Lakeland were open regarding the discovery of the flaw, and relayed directions to customers swiftly to change their passwords as a precaution. A flaw within Java software has been identified as the main culprit for the failing, but Lakeland is yet to reveal the details of the hacking.

Lakeland also suggested that customers change the passwords for online accounts for other companies and services if they used the same password for their Lakeland login.

Speaking to Computer Weekly, computer security expert Graham Cluley commented: “Far too many people use the same password for multiple websites, meaning that if their password gets hacked in one place they could find other online accounts are subsequently compromised.”

Learning from mistakes

Despite the fact that the value of research into this particular security compromise, Lakeland has yet to agree to release the details to other companies, and refuses to name the IT company which they had chosen.

An internal investigation is expected to begin shortly and details will be given to the police to assist in this. However, the refusal to offer such information to other retailers has left the homeware giant under criticism from companies which wish to prevent becoming victim to the same attack.

Speaking to IT Pro, security expert Dodi Glenn pointed out: “Lakeland should work with the authorities to identify what information was leaked. Customers should have the right to know if their credit card numbers were stolen.”

“Lakeland and other should take note that being proactive instead of reactive is the best approach, because brand reputation is priceless.”

Andrew Mason, co-founder of security company RandomStorm, has pointed out how the attack reinforces the fact online businesses require the best of security software: “The Lakeland web security breach demonstrates the need for companies to continuously monitor their networks for vulnerabilities and active threat vectors and to act upon the vulnerability reports.”

“We congratulate Lakeland on its rapid response and hope that the company will share its finding to enable other online merchants to shore up their defences against this latest attack vector.”