US Online Retail Company suffered a data breach affecting 6.5 million customers. SHEIN debuted in 2008, and steadily grew to become one of the most acclaimed online women’s fashion stores. Their aim is to provide cutting edge fashion with an affordable price tag. The website primarily caters to women age 16-35, and is US based but ships to over 80 countries.
They recently discovered that their servers had been compromised by hackers in an attack that spanned from June 2018 until 22 August 2018 when the threat was recognised. Once SHEIN were away of the threat, they acted immediately, scanning the servers for weaknesses that were exploited and removed all possible back door entry points to the servers.
SHEIN have been selective with what information they have shared with the public; however we do know that email addresses and encrypted password information was obtained from the attack. We recommend that if you have an account with SHEIN, that you change your password as soon as possible, it is also good practise to use different passwords as often as you can, and make them complex, a password manager can help you keep track of your passwords.
The only promising news about this incident is that SHEIN don’t believe any payment card details were obtained by the hackers. However, SHEIN have enlisted an international forensic cyber security team to conduct a thorough investigation into the breach, and as a result will update users on their data if new information comes to light over the coming months.
If you do believe your payment card information has been compromised, the best thing to do is to contact your bank immediately, they will be able to issue a new card and enact any necessary security measures.