Attackers were inside textile manufacturer, Sferra Fine Linens, LLC’s network ten days before the company discovered a cyberattack back in April, but just released notification of the incident Friday.

Founded in 1891, Edison, New Jersey-based Sferra designs and sells Italian-made luxury linen products, including luxury sheets, table linens, and bedding collections.

“To date, we have no evidence of actual or attempted misuse of information as a result of this incident,” the company said in a statement. “This event did not impact any of Sferra’s e-commerce platforms or any information retained in our e-commerce systems.”

On April 24, Sferra said it became aware of suspicious activity on its computer servers. The company then took immediate steps to secure the network, and then called in third-party forensic specialists, who then deployed countermeasures to contain the attack.

Sferra said it began an investigation to determine the nature and scope of the activity, with the assistance of third-party forensic specialist. The investigation found that certain files may have been subject to unauthorized access between April 14 and April 24 this year.

Schneider Bold

Given that some files were accessed without authorization, Sferra undertook a comprehensive review of the data to understand the specific information stolen and who it related to.

The stolen information varied by individual but included some of the personally identifiable data like name, address, date of birth, Social Security number, driver’s license, financial account information, medical and/or health insurance information, passport information, electronic/digital signature, and account access credentials.

After discovering the attack, Sferra took steps to confirm its system security, and engaged third-party forensic specialists to assist in conducting a comprehensive investigation of the event to confirm its nature, scope, and impact. The company also notified federal law enforcement.

As a result of the attack, Sferra said it has instituted additional security measures to better protect against future similar events.

Further details on the attack are not immediately available, such as was this a ransomware attack, who did the attack, and why it took so long to release the information, among others.


Pin It on Pinterest

Share This