What We Know About Red Wing’s Cyber Attack
Editor’s note: After more than three months offline, Red Wing’s online store reopened mid-February 2021.
The following article was published December 30, 2020.
For a perfect lesson on how not to handle a catastrophe, look at Red Wing.
On Halloween, Red Wing suffered a cyberattack. Yes, Halloween. For two whole months that encompassed Black Friday, Cyber Monday, and the entire holiday period, nobody has been able to buy any shoes online from Red Wing — that includes Red Wing Heritage, their Red Wing Work line, and their sister brand Irish Setter.
If you didn’t know, why would you? The only places reporting on the kneecapping of the country’s best known boot company are local Minnesota outlets, the Star Tribune and the Grand Forks Herald. In a statement to the Star Tribune, a Red Wing spokesperson said,
Upon discovering the incident, our response team took immediate action to understand and contain the threat, including taking systems offline to limit potential damage. At this time, we have been able to restore service to some systems and services, and are continuing to work on restoring the remaining systems.
That was over a month and a half ago.
Adding to the confusion surrounding the event, Red Wing has otherwise been completely silent, with their website only stating,
Due to a system outage, we are not currently accepting orders through our website.
That’s it — no mention of what happened, or if they can be expected to come back online at all.
Untold thousands have visited the site over the months, been unable to make a purchase, and were only able to leave, frustrated and empty handed. Those who have decided to instead try their luck at one of their 500-plus retail stores may have been successful, but the stores have been badly affected too: clerks have been writing paper receipts, “processing credit cards by hand and getting a phone OK on the amount,” showing the cybersecurity breach has apparently upset every level of the company’s retail operations.
On Reddit, u/farleymcg pasted this response from Red Wing’s “Shelly” at Consumer Relations after he tried to find out what was happening with his boot resole. (This was sent at the start of December, emphasis ours.)
Thank you for reaching out to us at Red Wing Shoes. We apologize for the delay in our response but are currently experiencing a technology system outage. This incident is complex, and our investigation is ongoing. We are working as quickly as we can to resolve this issue and appreciate your patience and understanding in the meantime. Your boots have been completed and should be shipping out within the next 3-5 business days. We truly apologize for the inconvenience.
[Related: 5 Things You Don’t Know About Red Wing]
The lack of communication has led speculation to run rife in the community. Is recovery even possible? Will the company fold? Probably and probably not, but Red Wing’s deafening silence is doing nothing to restore the trust that has been lost in the consumer base.
It’s been a devastating chapter in the company’s history. Red Wing is privately held, so they’re not obligated to release any information to shareholders, but the incident has all the hallmarks of a ransomware attack, a kind of cyberattack that is becoming increasingly common. This year, we’ve seen several high profile ransomware cases that have affected, among others, the Georgia state government and Garmin, an activity tracker company that paid hackers $10 million in “ransom” to get their company back online in August.
2020 was already a difficult year for the American economy, and it remains to be seen when and if Red Wing can bounce back from losing their online sales for such a long period of time. There are rumors they’ll be back online this January — but customers shouldn’t have to make do with rumors.
Red Wing needs a new PR team.
George Chan
I agree they NEED a new PR team and a whole new IT revamp. No one goes down for less than a week before being able to recover, I’m an IT guy so I know. This goes deeper than that, not a good sign.
There’s always backup servers and backup of data offsite to Storage Area Networks. ALL data should have been recovered within 3 days or less and loaded onto new hardware/servers with new network security apps/software.
Nick
Yes, it sounds like they’re rebuilding their whole infrastructure. The paper receipts thing is so crazy to me. Appreciate your input, George.
Keaton Schreiner
My father is a teacher for Baltimore county public schools in Maryland and they had a ransom ware attack right before Christmas and it has messed everything up. Everyone had to turn computers in, software all corrupted, files gone and payroll off. It’s definitely becoming a major problem.
Nick
That’s brutal. I was surprised to learn the actual Georgia government was hit so badly by ransomware as well. Poor Red Wing!
Joe
We can sympathize with Red Wing factory, store, and maybe mid level management employees; but I just can’t say poor Red Wing. Having or not having proper IT security is a choice made by upper management and bean counters. It’s also usually a fairly large expense. And it sounds like maybe Red Wing corporate elected to forgo that expense. If so, they made an irresponsible choice that’s going to cost them a whole lot more in the end than if they had just implemented proper IT security from jump. I’ve shopped at a couple local Red Wing stores over the past couple months and listened to the stories of the employees. They couldn’t clock-in/out or get paid for the first few weeks after Halloween and even now are still doing everything by paper. RW corporate is also not telling them much either. Just crazy – and awful communication internally and externally.
Nick
Well said, Joe! I’m dying to find out when they’ll be back. I don’t know much about IT to begin with but the fact that an attack is able to span this much of the organization, down to the receipt-writing, is so mind boggling to me.
Matt G
I went Into a Redwing store on Black Fridayday ordered a pair of Blacksmiths. Still do not have them 5 weeks later and no indication when I will receive them.. store manager told me it was a ransom attack and redwing is refusing to pay.
Agree with prior comments, two months and still not recovered? Not a good indication of The companies systems, backup plans and management. Someone did not do their job.
Nick
You ordered them IN A STORE and you don’t have them? Good to hear another guy say it was a ransomware attack. I wonder how much the ransom is versus how much a better IT team would have been…
Matt G
Update: Stopped by store. I still have not received my Boots! 2 months now.
Owner said Red Wing rebuilding computer systems and expect to by up by mid FEBRUARY. Factory focused on work boots. Hertitage not being made now so I may be waiting for a while.
I just wanted charcoal blacksmiths!
Nick
Brutal! I bought some Red Wings from Northern Republic, there are some stores out there stocking Red Wings, just not in all the sizes.
Jon
Thanks for the article. I have my son’s receipt here in paper… for his 875s. It was crazy the process… and I got them on small business Saturday… I didn’t think anything of it but I have been watching other boot makers with awesome boots for this fall/winter, great sales, and great service… only to hear nothing from RW…
Nick
I’m so curious as to how this will develop. Like how long will the recovery take, what will become of Red Wing?! It’s such a huge story, I don’t get why no major outlets are reporting on it.
Jonny C.
Probably related to the SolarWinds breach. If that’s the case, it’s pretty substantial.
Nick
Oh i wasn’t familiar! Thanks Jonny
Schaeffer DeArmond
Anyone have a status update on the hack and system outage?
Nick
Nothing yet Schaeffer! Maybe if I did a video it would prompt a response haha
Philip A Maggiore
A believe my personal information has been hacked through the cyber attack. Furthermore, it took 2 months (60 days) to process a refund. Red Wing has lost control. I would prefer not to step foot in one of their brick & mortar stores. Customer service needs work. Red wing actually wrote down on a carbon less copy my full account info , exp date and code. When red wing finally agreed to pay me , they offer to send the cash through the us mail. I’m still flabbergasted. Class action anyone?
Philip A. Maggiore
Nick
The whole debacle is just unthinkable, I’m kind of amazed the company is still standing after the loss of revenue and trust.
Eric B.
Looks like redwing is back with online ordering available. https://www.redwingshoes.com/
Nick
YES
Joe Irvin
I’m looking at the site about a month after it was reported the site was back up and running, it looks like maybe it’s back down? I don’t know because I haven’t been to their website for a long time and can’t remember what it was before. But all their boots etc say it’s available in-store only and looking at individual models the only button you get is “find a store.” Hmmm…
Nick
Some of the models need to be found in store but most you can buy from the site, Joe! eg https://www.redwingshoes.com/heritage/mens/6-inch-boots/Iron-Ranger-08085.html?cgid=mens-6-inch-boots
Shelly
They still, almost a year later aren’t back up and fully running. They are only damaging their brand at this point.
Nick
Oh they went back online late winter this year, Shelly! http://www.redwingshoes.com