Country's biggest double glazier Safestyle UK is hit by cyber attack

Country’s biggest double glazing installer Safestyle UK is hit by a cyber attack as spies warn of a threat from Russian hackers linked to fears of military action against Ukraine

  • Safestyle UK were targeted in a ransomware attack with hackers looking for cash
  • It comes as cyber experts warn of Russian hacker threat over tensions in Ukraine
  • The  country’s biggest double glazing installer has been hit by a cyber attack as spies warn of a threat from Russian hackers linked to fears of military action against Ukraine.

    Safestyle UK – known for its ‘You buy one, you get one free’ advertising campaign – is understood to have been targeted in a ‘ransomware’ attack.

    Hackers, suspected of being from Russia, stole as many as 400,000 customer details, sources said, and threatened to sell the data on the dark web unless the firm handed over £4million in Bitcoin, the cryptocurrency.

    Safestyle UK ¿ known for its ¿You buy one, you get one free¿ advertising campaign ¿ is understood to have been targeted in a ¿ransomware¿ attack

    Safestyle UK – known for its ‘You buy one, you get one free’ advertising campaign – is understood to have been targeted in a ‘ransomware’ attack

    The information is thought to include names, email addresses and phone numbers. Safestyle UK said it was working with police and regulators as it investigated a ‘cyber-incident’. It stressed that customers’ financial details were not compromised.

    The Bradford-based company took part of its website and IT system offline, leaving angry customers taking to social media to demand when their windows would be delivered.

    Jake Moore, of ESET, a cyber security firm, said that ransomware attacks had surged during the pandemic. ‘Online retailers are attractive to cyber-criminals because they have highly sensitive data about customers,’ he said. ‘Companies being held to ransom are also losing revenue because systems are down, so they have to decide quickly what the least worst option is. Often, that is to pay up.

    ‘Unfortunately it means it is a lucrative activity for such gangs.’ Mr Moore said firms could reduce risks with better IT security and by asking staff not to open links or attachments on emails from senders they do not trust.

    The attack comes after the National Cyber Security Centre ¿ part of GCHQ ¿ warned yesterday that ¿malicious cyber incidents in Ukraine¿ could have an impact in the UK

    The attack comes after the National Cyber Security Centre – part of GCHQ – warned yesterday that ‘malicious cyber incidents in Ukraine’ could have an impact in the UK

    Police can find hunting down the hackers almost impossible as ransom payments made in cryptocurrency leave no electronic trace.

    Angry Safestyle UK customers began complaining about being unable to contact the company at the start of the week, with one saying he had ‘spent the last 24 hours plus calling and emailing and getting no replies’.

    A company source said that staff had ‘no emails, their phones aren’t working and it’s been like that for three or four days’.

    Safestyle UK could be fined £17.5million from the Information Commissioner’s Office (ICO) for the data breach, but experts said that the regulator would be ‘lenient’ if criminals were to blame.

    The attack comes after the National Cyber Security Centre – part of GCHQ – warned yesterday that ‘malicious cyber incidents in Ukraine’ could have an impact in the UK.