Everest Ransomware Breach Exposes Hoff Brand Customer Data
Everest Ransomware Group Targets The Hoff Brand S.L. in Major Data Breach
The Hoff Brand S.L., a prominent Spanish fashion company celebrated for its innovative sneaker designs, has allegedly been targeted by a significant ransomware attack orchestrated by the Everest ransomware group. This breach has reportedly exposed sensitive data of approximately 630,000 customers, marking a substantial cybersecurity incident in the retail sector.
Company Profile and Industry Standing
Founded in 2016, The Hoff Brand S.L. has quickly carved out a niche in the casual footwear market, particularly recognized for its stylish and comfortable sneakers. The company primarily operates through online retail channels, enabling it to reach a broad audience without the constraints of physical storefronts. With a workforce of around 150 employees, Hoff has shown impressive growth, reporting sales of €16,987,155 in 2020. The brand's dedication to creativity and self-expression distinguishes it in the fashion industry, positioning itself as a platform for artistic expression and individuality.
Details of the Ransomware Attack
The Everest ransomware group claims to have breached Hoff's systems, exfiltrating 63GB of internal documents and files, including the complete email PST database of CEO Fran Marchena. The compromised data reportedly includes a wide array of customer and order details, such as full names, email addresses, physical addresses, phone numbers, financial status, payment methods, and shipping information. The breach was discovered on January 17, 2025, with a ransom deadline set for January 26, 2025.
Everest Ransomware Group's Modus Operandi
Active since December 2020, the Everest ransomware group is known for its double extortion tactics, encrypting victim data while threatening to leak sensitive information. Recently, the group has shifted its focus towards selling access to networks, acting as an Initial Access Broker. This evolution in tactics suggests that Hoff's systems may have been compromised through unauthorized access sold by Everest to other cybercriminals. The group's ability to infiltrate networks using sophisticated techniques such as lateral movement and credential access highlights the vulnerabilities that companies like Hoff face in the digital age.
Implications and Industry Impact
This attack underscores the growing threat of ransomware in the retail sector, where companies like The Hoff Brand S.L. are increasingly targeted due to their valuable customer data and reliance on online operations. The incident serves as a stark reminder of the importance of cybersecurity measures to protect sensitive information and maintain consumer trust.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!