Over 630K Customer Records Allegedly Leaked in Ransomware Attack on thehoffbrand.com

A notorious ransomware gang claims to have compromised and leaked sensitive data from fashion company The Hoff Brand SL that makes HOFF sneakers, exposing more than 630,000 customer records along with 63GB of internal documents.

The cybercriminal group known as Everest posted details of the breach on a well-known dark web forum, as well as on a mirrored leak site, alleging they obtained customer orders, corporate files, and a complete email archive belonging to the company’s CEO, Fran Marchena.

Alleged Compromise Includes CEO's Communications

The attackers specifically mention having access to the CEO's personal and professional email archives, stating that they’ve exfiltrated .pst files (Outlook email database format), a highly sensitive asset often containing confidential business communications, legal agreements, and financial data.

HOFF, based in Spain, is known for its premium sneakers and has built a global presence with a strong ecommerce footprint. As of publication, their official website remains accessible and the company has not yet released a public statement regarding the alleged breach.

Everest's Track Record

The Everest ransomware group is known in the cybersecurity community for high-profile extortion tactics and selectively publishing stolen data to pressure victims. They typically target companies with substantial consumer databases and have previously been linked to similar breaches in the retail and logistics sectors.

Risk to Customers and Partners

If verified, this breach could pose significant risk to thehoffbrand.com customers, including potential phishing attacks, fraud, and identity theft. With over 630,000 records claimed to be leaked, customers should be cautious of suspicious emails or communications appearing to come from the company.

Heading

• Customers of The HOFF should monitor their email accounts for unusual activity.
• Avoid clicking on suspicious links or downloading attachments from unknown sources.
• Businesses are urged to implement multi-layered cybersecurity protocols, regularly back up data, and ensure employees undergo security awareness training.