Benetton Group's Encounter with Ransomware and the Imperative for Retail Cybersecurity"

Incident Date:

April 3, 2024

World map



Benetton Group's Encounter with Ransomware and the Imperative for Retail Cybersecurity"


Benetton Group


Hunters International


Prozano Veneto, Italy

, Italy

First Reported

April 3, 2024

Benetton Group Suffers Ransomware Attack

Company Overview

The Benetton Group, a well-known fashion company with a global presence, has reportedly been targeted by the ransomware group Hunters. Benetton Group is one of the best-known fashion companies in the world, with a network of about 4,000 stores across the globe.

The company is known for its commitment to sustainability and social responsibility, with a focus on respect for the environment and human dignity. Benetton operates several retail chains under the Benetton, Sisley, and Playlife brands, as well as the United Colors of Benetton and Undercolors of Benetton sub-brands. It has a presence in more than 120 countries and ships products to over 5,000 outlets globally.

Vulnerabilities and Past Attacks

The exact motive behind the attack on Benetton Group is not known, but the company has stated that it has implemented safety and prevention protocols to mitigate any significant damage. The attack was classified as ransomware, but the ransom demand and exfiltrated data amount are not specified in the available information. The incident follows a string of cyber attacks on Italian brands and companies, including Vodafone Italia and the Italian government.

Ransomware attacks were first noticed earlier in January 2023, and the company announced that operations were expected to resume by January 23. Despite the severity of the attack, which targeted several devices and the company's system, Benetton's security measures and preventive actions taken by their IT team and Security Operations Center were able to thwart the attack and minimize its impact on daily operations.

This most recent attack in April 2024 highlights the ongoing threat of cyber attacks on businesses, particularly in the retail sector. Despite the company's efforts to prevent and mitigate the attack, the incident underscores the importance of robust cybersecurity measures and continuous monitoring to protect against potential threats


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.