Luxottica, an Italian-based eyewear company, was hit by a cyber attack that closed its stores in Italy and China. Luxottica is the largest glasses company in the world, employing over 80.000 employees, while in 2019 its revenues amounted to about 9,5 billion. The company's portfolio contains well-known eyewear brands, including Ray-Ban, Oakley, Oliver Peoples, Ferrari, Michael Kors, Bulgari, Armani, Prada, Chanel and Coach. In addition, the company has 7.000 retail stores, such as Hut, Pearle Vision or LensCrafters.
Luxottica made 75 million pairs of glasses in 2019, incl Prada, Tiffany & Co, Coach, Versace, Bulgari, Chanel, Dolce & Gabbana, Ray-Ban and many other companies. The company has dominated the eyewear market from production to distribution.
In addition to the company's 7.000 retail stores and 10 production facilities, it has also purchased some of the eyewear brands it sells, including Ray-Ban, which bought it in 1999, and Oakley, which bought it in 2007.
On Friday afternoon, there were many reports, according to which their sites Ray-Ban, Sunglass Hut, LensCrafters, EyeMed and Pearle Vision did not work. Thus, suspicions began to arise that it had taken place infringement.
In addition, its portals Luxottica one.luxotrica.com and universiti.luxottica.com currently display messages, to inform the public that the sites are under maintenance.
Italian media reported that IT systems of Luxottica offices in Agordo and Sedico, Italy, suffered from "computer system failure". As the workers could not work, they were told to go home. Later, sources confirmed to the Italian media Handle that the company's employees returned to their homes due to serious problems in the company's IT systems.
Furthermore, the Cyberecurity Bad Packets told BleepingComputer that Luxottica had a Citrix ADX control device that was vulnerable to critical vulnerability located as CVE-2019-19781 at Appliances Citrix. This vulnerability is popular on ransomware gangs. In case that hackers exploit this vulnerability, acquire access in a network as well as in credentials, which they can use to further spread through the network, in a cyber attack.
It is worth noting at this point that a recent ransomware attack on a German hospital that resulted in the death of a patient was triggered by hackers who exploited the same vulnerability to gain access to the network.
While there has been no official announcement about this holiday, according to media reports, Luxottica has been the target of a cyber attack, most likely due to ransomware.