Luxottica, an Italy-based eyewear conglomerate, has been hit with a ransomware attack that has forced the company to shut down its operations in Italy and China for the time being. The company says that no consumer data was stolen in the cyberattack, which took place Sunday evening. Citing a “computer system failure”, Luxottica initially sent SMS texts to its employees asking them to go home. It later confirmed that a ransomware attack had caused it to shut off its networks “for a few hours.”
Citing Italian media reports, Bleeping Computer says that Luxottica told employees at its offices in Agordo and Sedico, Italy, through text messages that the company had suffered a “computer system failure”, and asked them to return home. Apparently, the websites for various company-owned brands, including Ray-Ban, Sunglass Hut, LensCrafters, EyeMed, and Pearle Vision, had not been working since Friday.
Later, Luxottica information security manager Nicola Vanin confirmed through a post on LinkedIn that the company has been hit by a cyberattack that impacted its operations. In his latest post about the cyberattack, Vanin says that there has been no theft of information, and the procedure for cleaning up the affected servers has already begun. After turning everything off for a few hours, work activities are gradually returning to normal in the company.
Citing cybersecurity intelligence firm Bad Packets, Bleeping Computer reports that the attackers possibly gained access through “a Citrix ADX controller device vulnerable to the critical CVE-2019-19781 flaw in Citrix devices.” The vulnerability is reportedly popular among ransomware threat actors, and gives attackers access to a network as well as credentials.