FatFace
| Primary URL | Location | Industry |
|---|---|---|
| www[.]fatface[.]com | Country: United Kingdom | Retail |

Profile
FatFace is a British clothing retailer headquartered in the United Kingdom. The company operates within the retail sector, focusing on the design, sale, and distribution of apparel for various demographics. Its business model encompasses both physical store operations and digital sales channels, serving a customer base primarily within the UK market. The scale of its retail footprint, including the number of locations or precise market share, is not specified in the available information. However, the nature and volume of data involved in a significant security incident indicate a substantial operational size and a considerable customer database built on the collection of personal and payment information.
In January 2021, FatFace experienced a severe ransomware attack that began with the phishing compromise of an internal employee workstation. This initial access allowed threat actors to move laterally across the company's network, ultimately exfiltrating over 200 gigabytes of sensitive customer data. The stolen information included names, contact details, and partial payment card data. The attackers subsequently demanded an initial ransom of $8.5 million, which was negotiated down to a $2 million payment. The company's handling of the breach notification drew public criticism after it instructed recipients of breach alerts to keep the incident confidential. Following the attack, FatFace engaged with law enforcement agencies and relevant data protection authorities. The perpetrators, after receiving the ransom, provided the company with recommendations for improving its network security posture, though the specific actions taken by FatFace in response to these recommendations are not detailed. This incident represents a major cybersecurity event in the company's history, highlighting vulnerabilities in its internal security controls and communication strategies during a crisis.
