Cyber Incident Victim: BZB, Jules
Date:
Sep 2022
Location:
France
Summary
A cyberattack disrupted operations for fashion retailers Jules and BZB, rendering their websites inaccessible and crippling internal systems, including order processing and inventory replenishment. Physical stores relied solely on existing stock, initially accepting only cash payments before card transactions were restored. The parent company, FashionCube, confirmed the incident but denied receiving ransom demands, asserting customer payment data remained uncompromised. Headquarters and logistics staff were temporarily idled, utilizing leave or compensatory time during the outage. While the malware family remained unidentified, the attack caused significant operational and sales impacts, mirroring recent disruptions experienced by other apparel brands. IT operations for the affected brands were managed externally by CGI under a long-term outsourcing agreement.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 5 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On September 29, 2022, the websites of French clothing retailers Jules and BZB became inaccessible, with initial public messaging attributing the outage to site maintenance. By September 30, telephone inquiries to physical stores revealed a broader disruption: point-of-sale systems had failed overnight between September 28-29, preventing new orders, inventory replenishment, and card payments. Stores operated on existing stock only, with some offering 24-48 hour holds for specific items paid in cash. FashionCube, the parent company (part of the Mulliez Family Association), initially described the shutdown as precautionary due to "suspected cyberattack" but avoided formal confirmation until October 3. Operational impacts escalated rapidly, with headquarters and logistics staff instructed to take leave or use accrued time off until October 3 while the company assessed severity.
FashionCube confirmed the cyberattack on October 3, clarifying that customer payment data remained unaffected. Card payment functionality was restored in physical stores by that date, though online platforms remained offline. The company expressed hope to restart logistics systems within the week and directed customer inquiries to operational after-sales services. No malware family was identified publicly, and FashionCube reported receiving no ransom demand, though ransomware involvement remained plausible given typical attacker communication patterns. The incident disrupted FashionCube's CGI-managed IT infrastructure, outsourced under a 10-year contract signed in 2021. This attack followed recent cyber incidents affecting other French apparel retailers in FashionCube's network, including Camaïeu (whose 2021 attack exacerbated financial troubles preceding its September 2022 liquidation) and Damart (targeted by Hive ransomware earlier in 2022).