Stuller Hacked by Cyberattackers

RAPAPORT... Stuller, one of the largest US jewelry wholesalers, was the victim of a cyberattack on Saturday morning, resulting in delays to orders at a critical point in the holiday season.Customers may experience "several circumstances that are non-Stuller-like" this week following the hack, including delayed shipments and intermittent phone interruptions, president Danny Clark said Monday in a note to customers. A member of Facebook group Jewelers Helping Jewelers said Stuller had warned him it would be unable to ship in-stock product until December 7. Another said a test transaction and a large, unauthorized withdrawal had come off her business bank account, which, she suspected, was a result of the compromise at Stuller.However, Stuller said there was "no indication that [customers'] information has been compromised" and that credit cards were tokenized, encrypted, and not housed at Stuller."We cannot express enough how frustrated and disappointed we are that this had occurred at all - particularly during this crucial time for you," Clark wrote. "Since our discovery of the cyberattack, we have worked around the clock to prepare our business to serve you in all the ways you have grown accustomed to. With that said, there is more work to do."The company did not disclose the nature of the attack, which comes amid growing concerns about cybersecurity after the Covid-19 pandemic forced companies to rely heavily on their online businesses.The jeweler industry still believes its biggest danger is "the big bloke coming through the door with a shotgun," commented Greg Holland-Merten, director of UK-based HMH Consultancy & Security Services."Don't get me wrong, that's still a massive threat for them," Holland-Merten added. "But [cyberattacks are] now such an unseen threat."Update, December 1, 2020: This article now includes a further statement from Stuller about customers' information.Image: Stuller global headquarters in Lafayette, Louisiana. (Stuller)