Levi Strauss notifies customers of cyberattack


Personal information, including partial payment details, may have been obtained by bad actors during an automated credential-stuffing attack on Levi’s online store.

The maker of the famous Levi’s denim jeans reported that over 72,000 accounts were affected during a “security incident” that was detected on July 13th.

Order history, name, email, and stored addresses may have been viewed by the threat actor, the company said.

Information that includes the last four digits of card number, card type, and expiration date may have also been exposed“if you have saved a payment method,” it said.

Levi Strauss also said that “it does not appear that any fraudulent purchases were initiated” using the exposed information.

“Our systems do not allow saved payment methods to be used for purchases without a secondary means of authentication,” it said.

The company's investigation showed the incident as an automated credential-stuffing attack.

Credential stuffing is an automated cyberattack where fraudsters use stolen usernames and passwords from one platform and attempt to log in to accounts on other platforms.

Password leak checker

Has your password been leaked online? Find out with our password leak checker tool in seconds and take action to protect your data today.

Check if your password has been leaked

In response to the attack, Levi Strauss said it issued “a forced password reset” that will require customers to create a new password to access their accounts.

“We suggest that you change the passwords – using a strong and unique password – for your other online accounts. This is an important defense against credential stuffing threats,” it said in a notification letter.

Roku, a streaming service, has recently also suffered a large-scale credential stuffing attack that impacted 576,000 accounts.