Textile company Sferra Fine Linens on Friday announced that it has started notifying individuals of a cybersecurity incident involving their personal information.
Founded in 1891, Sferra designs and sells Italian-made luxury linen products, including luxury sheets, table linens, and bedding collections, as well as decorative home accessories.
Sferra has announced that it identified the incident on April 24, but that the threat actor had access to its servers for roughly two weeks prior to that.
Impacted personal information, the company announced, includes names, addresses, birth dates, passport information, driver’s license data, Social Security numbers, financial account information, medical and/or health insurance data, electronic/digital signatures, and account credentials.
Based on the type of compromised data, it appears that it mainly belongs to Sferra employees. However, the company has not shared information on the number of impacted individuals.
“Please note, this event did not impact any of Sferra’s e-commerce platforms or any information retained in our e-commerce systems,” the company says.
It’s unclear if this was an attack conducted by a ransomware gang. SecurityWeek has checked the leak websites of major groups, but has not found any mention of Sferra.