Jessica Haworth reports:
Retail website SheIn.com has notified customers of a serious data breach after malicious hackers stole the details of 6.42 million people.
The ‘affordable fashion’ site, which ships worldwide, was made aware of the cyber-attack on August 22, though it is believed to have started in June.
During an investigation, the company’s servers were scanned and malware was found, which was later removed.
Email addresses and encrypted passwords were taken, although it isn’t clear whether any other data was affected.
In a statement, SheIn said the hackers were able to infiltrate servers through “back door entry points”, which were later closed and removed.
The company said it has employed a “leading international forensic cybersecurity firm” to lead the investigation and prevent against any future breaches.
Read more on The Daily Swig.
If they really had passwords encrypted, kudos to them.