Embattled former fashion executive Peter Nygard’s now defunct apparel empire was victimized by a ransomware attack late last year, a newly released statement from the group of companies revealed.
Nygard, 79, helmed a suite of Canadian clothing and denim brands dating back to 1967. In December, the mogul was indicted on charges of sex trafficking, and stands accused of sexually abusing a number of women and underage girls over the course of decades. A February raid precipitated a civil class-action lawsuit against Nygard, and his firm filed for bankruptcy in March following revelations that its companies were more than $50 million in debt.
The companies, which have now entered receivership in Canada, were targeted by a ransomware attack on Dec. 12, a statement from the collective revealed last week. Cybersecurity professionals say that the attack on the group’s IT systems was contained, but while “ongoing assessment work is proceeding, the full scope and impact of the attack has yet to be determined.”
Richter Advisory Group, Inc., the court-appointed receiver of Nygard’s nine companies, urged any individuals and parties that may have had dealings with any of the groups to monitor their information for any “unusual activity,” like suspicious emails or other communications claiming to be from Nygard companies.
The receiver released a report on Dec. 30 detailing the ransomware attack, in which certain Nygard files were encrypted and therefore made un-viewable by stakeholders. Hackers demanded a payment of 99 Bitcoin ($3.6 million) for the software to “decrypt” the files on Dec. 12, eventually upping the stakes to 198 Bitcoin (more than $7.2 million) when Richter Advisory Group failed to respond to their initial demands. On Dec. 23, the hackers threatened to release Nygard’s files and data, including privileged information from Nygard’s former clients, to the public on Jan 2.
Upon being alerted to the security breach, Richter Advisory Group engaged professionals from its IT risk assessment arm and attempted to contain the spread of malware by taking all servers offline and powering them down. The group also engaged IT consultancy Sophos in attempting to salvage electronic records and programs that were compromised, successfully backing up more than 40 servers.
The company also began reaching out to former Nygard employees, e-commerce customers, wholesale and retail partners, and suppliers in order to apprise them of the event and potential risks to their information. The identity of the hackers and the motivation behind the cyber attack are still unknown, it said.
As Richter Advisory Group continues to assess the scope and implications of the virtual violation, it advised in its report that an attempt to restore the fashion companies’ IT infrastructure could be futile. While the firm is still working to recover files, “the functionality of the IT system has been permanently compromised,” it said, and will not operate as it did before the attack. Even if decryption software were to become available to help recover the stolen data, the endeavor “would be costly and may not be reasonable or appropriate given the status of these non-operating companies or the relevance to litigation matters” as asserted by Peter Nygard, his companies and their lawyers.
Nygard, who is being held in a Winnipeg, Manitoba jail as he awaits trial, appealed to be released on the first day of a two-day bail hearing that began Tuesday. Two former employees agreed to back a bond of $940,000 for the accused rapist, Bloomberg reported. His lawyer, Jay Prober, said that detaining Nygard in jail at the advanced age of 79 amounted to “nothing short of a death sentence” as the pandemic continues to spread.
Canadian prosecutor Scott Farlinger opposed the release, however, characterizing Nygard as a flight risk earlier this month. Nygard is wanted in the Bahamas on a separate case, he said, after failing to attend a court hearing there.