Levi Strauss & Co reports data breach affecting 72,000 customers
Levi Strauss has reported a data breach involving a credential stuffing attack. The breach exposed names, email addresses, order histories, and partial payment details, prompting immediate security measures and mandatory password resets.
Levi Strauss & Co, the renowned manufacturer of Levi’s denim jeans, recently disclosed a data breach incident in a notification submitted to the Office of the Maine Attorney General. The company revealed that on June 13, it detected an unusual surge in activity on its website, prompting an immediate investigation to understand the nature and extent of the breach.
Following the investigation, Levi’s determined that the incident was a ‘credential stuffing’ attack, a tactic whereby malicious actors leverage compromised account credentials obtained from external breaches to launch automated bot attacks on another platform – in this case, www.levis.com. Importantly, Levi’s clarified that the compromised login credentials did not originate from their systems.
The attackers successfully executed the credential stuffing attack, gaining unauthorised access to customer accounts and extracting sensitive personal data. The compromised information included customers’ names, email addresses, saved addresses, order histories, payment details, and partial credit card information encompassing the last four digits of card numbers, card types, and expiration dates.
In the report submitted to the Maine state regulator, Levi’s disclosed that approximately 72,231 individuals were impacted by this security breach. Despite the breach, Levi’s assured that there was no evidence of fraudulent transactions conducted using the compromised data, as their systems need additional authentication for saved payment methods to be used in purchases.
In response to the breach, Levi Strauss & Co took swift action by deactivating account credentials for all affected user accounts during the relevant timeframe. Additionally, the company enforced a mandatory password reset after detecting suspicious activities on its website, thereby prioritising the security and protection of its customers’ data.