Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Malware Takes Down Lumber Liquidators’ Network

North American hard-surface flooring retailer Lumber Liquidators this week revealed that it managed to restore most of its network after a malware attack disabled parts of it for nearly a week. 

North American hard-surface flooring retailer Lumber Liquidators this week revealed that it managed to restore most of its network after a malware attack disabled parts of it for nearly a week. 

The incident, the company said, was discovered on August 21, when its network and computer systems started showing signs of a malware infection that “ultimately disabled certain corporate and store systems nationwide.”

The company says it started remediation operations and the investigation into the incident almost immediately. In addition to mobilizing its own team to address the infection, the company also employed outside expertise.

“Beginning today, Tuesday, August 27, 2019, with very few exceptions, stores regained the ability to transact using normal point of sales systems, and much of the customer-facing impact of the incident has been resolved,” Lumber Liquidators says. 

To date, the company notes, the investigation hasn’t revealed any possible compromise of sensitive and confidential consumer or employee data. 

The retailer keeps the vast majority of customer and employee data, including customer credit card information, stored on systems outside of its network, which provided an additional level of protection in this attack. 

Lumber Liquidators hasn’t provided information on the malware used in the attack, but its description of the incident suggests it was ransomware. 

“Our first priority has been to continue to serve our customers and aid our store employees in that effort. […] Our diligent work over the past several years to develop system redundancies and business continuity plans paid dividends that were made apparent in our ability to remain open while working to restore our systems,” Dennis Knowles, President and Chief Executive Officer, commented. 

Related: Ransomware Attack Hits Health Firm LabCorp

Related: The Growing Threat of Targeted Ransomware

Related: Eurofins Scientific Paid Up in Response to Ransomware Attack: Report

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Data Breaches

T-Mobile disclosed another massive data breach affecting approximately 37 million customer accounts.

Incident Response

A new Mississippi Cyber Unit will be the state’s centralized cybersecurity threat information, mitigation and incident reporting and response center.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Funding/M&A

Thoma Bravo will spend $1.3 billion to acquire Canadian software firm Magnet Forensics, expanding a push into the lucrative cybersecurity business.

Cybercrime

Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...