Cyber Incident Victim: Fast Retailing

The Fast Retailing data breach impacted the UNIQLO Japan and GU Japan online stores between April 23 and May 10, 2019. Attackers gained unauthorized access to 461,091 customer accounts through credential stuffing, a technique where cybercriminals automate login attempts using credentials stolen from other platforms. The parent company, Fast Retailing, confirmed the intrusion after detecting suspicious activity during this period, though the exact discovery date wasn't disclosed. Compromised information included customers' full names, physical addresses, phone numbers, email addresses, purchase histories, and partial credit card details. The breach exclusively affected domestic Japanese customers using the brands' online retail platforms. Fast Retailing initiated password resets for all impacted accounts, forcibly disabling existing credentials and requiring users to establish new passwords before regaining access.

The company began notifying affected customers directly following the investigation, advising them to change reused passwords across other services. Support channels including a dedicated phone line (0800-000-1022) and email address were established for breach-related inquiries. Fast Retailing emphasized that online sales constituted 10% of domestic revenue during the first half of their fiscal year, underscoring the operational significance of the compromised systems. Industry context from Akamai's 2018 data highlighted credential stuffing as a prevalent threat, with 28 billion documented attempts targeting retail sectors specifically. While the attackers' identities remained unconfirmed, the breach methodology aligned with common cybercriminal practices of weaponizing credential caches from underground markets. No evidence suggested internal system vulnerabilities beyond the exploitation of reused customer passwords and limited two-factor authentication adoption.