American retail giant Bed, Bath & Beyond has suffered a data breach (opens in a new tab)The company confirmed in an 8-K filing with the U.S. Securities and Exchange Commission (SEC), despite its somewhat contradictory statements.
In its filing, the company says that it has discovered a cheat attacked one of its employees. Unknown threat actor managed to gain access to a Hard Driveas well as some shared storage that affected employees have access to.
But here’s where it gets contradictory: In the same paragraph, the company says it’s analyzing the stolen data to see if there’s any sensitive or personally identifiable information in the stolen batch. no and there is “no reason to believe” that the data is accessed.
Details are scarce
In fact, despite the ongoing investigation, Bed, Bath & Beyond says it has no reason to believe the event “has the potential to have a major impact” on the company.
Beyond this statement, the company did not provide further details. The media reached out to find out the amount and type of data stolen, but to no avail. Furthermore, the company declined to comment if it had the technical means to even detect evidence of permeation, TechCrunch reported.
This is not the first time the company has suffered a data breach. In fact, almost exactly three years ago (on October 29, 2019), the company also disclosed a data breach through its 8-K filing with the SEC.
Back then, they said they discovered a third party obtained email and password information from a source “outside the company’s systems,” which was then used to access less than 1% of guest accounts. company’s online store. While they accessed sensitive information, the attackers failed to obtain the customer’s payment card information, it was verified. As a result, Bed, Bath & Beyond does not expect the data breach to result in any substantial damages.
Through the: TechCrunch (opens in a new tab)
