[BreachExchange] Ray-Ban parent company reportedly suffers ransomware attack

Destry Winant destry at riskbasedsecurity.com
Tue Sep 22 10:25:25 EDT 2020


https://www.techradar.com/news/ray-ban-parent-company-reportedly-suffers-ransomware-attack

Italian luxury eyewear company Luxottica appears to have fallen victim
to a ransomware attack that took down its services in Italy and China.

Owner of popular brands including Ray-Ban and Oakley, the conglomerate
employs circa 80,000 people worldwide across its various business
segments.

Customers first noticed something was amiss when the websites of
Luxottica-owned Ray-Ban, Sunglass Hut, LensCrafters, EyeMed and Pearle
Vision went down.

Company web portals one.luxottica.com and university.luxottica.com
were also unavailable, this time serving up a maintenance alert.

Reports from Italian publication Ansa, meanwhile, suggest the service
outage was caused by “computer system failure” and that employees
working out of Italian offices in Agordo and Sedico were sent home as
a result, with work made impossible.

Luxottica cyberattack

While Luxottica has not yet confirmed the cause of the outages, early
signs suggest a cyberattack - and likely ransomware - is responsible.

According to security firm Bad Packets, Luxottica operates a Citrix
ADC controller that suffers from a critical vulnerability that could
allow a hacker to execute code on a target machine.

Citrix released a patch for the flaw back in January, but not all
organizations have installed the relevant update and the exploit
remains a popular attack vector among ransomware operators.

“Exploits of this issue on unmitigated appliances have been observed
in the wild. Citrix strongly urges affected customers to immediately
upgrade to a fixed build OR (sic) apply the provided mitigation,”
warned the networking giant.

Only last week, for example, the vulnerability was used to launch an
attack on a German hospital with devastating effects, illustrating the
destructive potential of ransomware.

Luxottica has not yet responded to our request for comment on the
nature of the outages and whether or not ransomware is responsible.
