Ermenegildo Zegna Ransomware – A Fashion Cyber Emergency

Ransomware attacks are on the rise, and lately, they’ve been hitting more and more big companies around the world. A while ago, popular names such as Emil Frey and Mizuno were targets of huge cyber attacks. Now, Italian luxury fashion house Ermenegildo Zegna is added to the mix as the latest ransomware victim.

When threat actors commit such crimes, both the company and its customers are at risk. However, when a breach is in place, the company is obliged to disclose the incident immediately so that the customer can take proper precautions.

Well, that didn’t exactly happen this time as Ermenegildo Zegna’s attack occurred back in August 2021. Now, it’s April 2022 and the company finally disclosed the breach. What effect did this delay have? What data did the threat actors expose? Find out below.

Ermenegildo Zegna Ransomware – A Malicious Attack with Style

Such attacks are not going out of style anytime soon as they’re increasing year by year. In fact, last year saw a huge jump in the number of ransomware attacks as it rose by 92.7% compared to 2020 levels.

In 2020, reports recorded around 1,389 while 2021 saw around 2,690. Apparently, cybercriminals are getting more creative and they now have better tools to work with, which explains the increase in numbers.

Ermenegildo Zegna disclosed an attack that occurred back in 2021, which caused an extensive IT systems outage and a large-scale interruption.

The company did state that there was some kind of unauthorized access at the time. However, a full disclosure of a ransomware attack came 7-8 months later when investigations concluded. Here’s what the company had to say:

“In August 2021, we were subject to a ransomware attack that impacted the majority of our IT systems. As we refused to engage in discussions relating to the payment of the ransom, the responsible parties published certain accounting materials extracted from our IT systems.”

According to the company, they did not negotiate with cybercriminals. In other words, they paid no ransom and they had to restore what’s been affected from backups in the weeks that followed the incident.

The Culprit?

So the main question is: Who’s behind the attack? When the incident took place, RansomEXX claimed responsibility. The group did publish data to force the fashion firm into paying a ransom.

The malicious group published the stolen data online the day of the firm’s announcement of their attack:

As seen in the image above, the amount of files leaked is huge. In total, the threat actors published 20.74GB of stolen data, which raises concerns. You can see the list included in the posed ZIP File below:

Unfortunately, the page hosting the list has become very popular. As of now, Zegna’s listing on the leak portal has harnessed more than 483,000 visits.

The bad news continues with the confirmation that came from Zegna. The leaked data is 100% authentic and the company did not comment on any impact done to their clients and partners.

Ermenegildo Zegna Ransomware – Malware is Definitely Not Last Season

Big companies are becoming the main targets of several ransomware attacks. This chain of malicious practices is not going anywhere as cybercriminals are enhancing their capabilities day by day.

What companies should do is make sure that their systems are always well protected against such infiltration techniques. If that’s not enough, they should at least inform all those affected as soon as possible.