Skip to main content

Lumber Liquidators responds to network security incident

The specialty flooring retailer has returned to normal operations following an apparent malware attack.

Lumber Liquidators is publicly reporting that it initially discovered a network security incident at about 9:15 am on Wednesday, Aug. 21, 2019. The retailer’s network and computer systems began to manifest symptoms of malware that ultimately disabled certain corporate and store systems nationwide. The company says it took “immediate action” to contain the incident, and within hours had mobilized its internal IT team and obtained outside assistance to begin diagnosing and remediating the malware infection.

Stores have remained open since the malware was discovered. As of Tuesday, Aug. 27, Lumber Liquidators says that with a few exceptions, stores have regained the ability to conduct normal POS transactions.

Lumber Liquidators is continuing its investigation, which is expected to last several weeks, but so far has not discovered evidence of compromise of any sensitive consumer or employee data. According to the retailer, the vast majority of customer and employee data, including customer credit card information, is secured and maintained on systems outside of the its proprietary network.

Lumber Liquidators maintains cybersecurity and other insurance, but has not yet determined net financial impact of this incident. The company says it will provide periodic updates.

"Our first priority has been to continue to serve our customers and aid our store employees in that effort," said Dennis Knowles, president and CEO, Lumber Liquidators. "We used manual workarounds to facilitate transactions and brought in outside resources to help ensure we returned to normal operations as soon as possible."

Based in Toano, Va., Lumber Liquidators operates 416 locations across the U.S.
This ad will auto-close in 10 seconds