Monsoon warned of data breach risk
MONSOON Accessorize has been accused of leaving customers’ details vulnerable after a cyber security company discovered flaws in its systems.
The retailer’s internal files were allegedly accessed by a research team at VPNpro – giving the IT company access to customer information and sensitive business documents, such as sales figures.
VPNpro exploited a flaw that could allow hackers to lock down the servers with ransomware, a spokesman for the firm said – similar to an attack on currency business Travelex earlier this year.
The firm says it has tried to contact Monsoon repeatedly since the end of May to raise the issue, but has not heard back. It added that its research followed “ethical hacking standards”.
A spokesman for Monsoon
said: “We have no record of ever being contacted by these people and have no idea what they are referring to and we do question their motives in seeking this publicity.
“We work with a number of professional consultants who regularly scan our IT systems for vulnerabilities and use a full range of thirdparty software to protect the data that belongs to us and our customers.”