Italian luxury fashion house Ermenegildo Zegna reports that a 2021 ransomware attack resulted in an extensive systems outage for the company. Could the same group of ransomware attackers strike your organization?
Ermenegildo Zegna history
Ermenegildo Zegna (a.k.a. ‘Zegna’) is an elite Italian luxury fashion house and the largest menswear brand in the world by revenue. The brand was founded in 1910 by Ermenegildo Zegna, of the Piedmont region in Northern Italy.
Ermenegildo Zegna operates over 480 retail stores worldwide and maintains an export-oriented business strategy. In 2021, revenue exceeded 1.2 billion and the group reported 27% year-over-year growth in revenues for the same fiscal year.
Ermenegildo Zegna ransomware
Information about the Zegna breach first appeared in today’s filing of SEC Form 424B3, which updated the company’s investment prospectus. The filing was intended to provide investors with general information about possible corporate risks, including cyber attacks.
“A malfunction that results in a wider or sustained disruption to our business could have a material adverse effect on our business, results of operations, and financial condition. In addition to supporting our operations, we use our systems to collect and store confidential and sensitive data, including information about our business, our customers and our employees.
Any unauthorized access to our information systems may compromise the privacy of such data and expose us to claims as well as reputational damage. Ultimately, any significant violation of the integrity of our data security could have a material adverse effect on our business, results of operations, and financial condition.”
To expressly highlight investment risks, the report went on to offer an example of a ransomware attack that affected the company in August of 2021. The details revealed that the attack disrupted most of the company’s systems, and precipitated a large-scale IT outage. The immediate effects of the outage remain unknown to the public.
Zegna’s ransomware mitigation
In describing its response to the ransomware, Zegna explains that the company did not pay the ransom. Instead, the company gradually restored information from backups across subsequent weeks.
Although Zegna did previously disclose unauthorized system access, confirmation of ransomware only came about through the SEC filings.
RansomEXX claims attack
Last year, the RansomEXX group claimed responsibility for the Zegna breach. To further extort Ermenegildo Zegna, hackers published stolen data.
The criminals claimed to have copied 20.74 GB of information. The stolen digital loot is believed to have been distributed in password-protected ZIP files. As of the present writing, Zegna’s listing on a related black-market portal has allegedly received more than 480,000 clicks.
Previously, RansomEXX has disrupted other corporate groups, including Hellmann Worldwide Logistics. It has also attacked a governmental group within Italy, leading to problems with the region’s ongoing coronavirus vaccination campaign.
Experts state that the RansomEXX hackers tend to target Windows systems and virtual machines running VMware ESXi servers.
Client and partner impact
In its prospectus, Zegna does note that the company maintains commercial relationships with third parties. The company has not yet commented on the ransomware attack’s implications for partners and clients.