The high-end furniture maker is back online and back up to speed with dealers; sources say others are facing similar attacks
HICKORY, N.C. — Century Furniture was struck by a “malware intrusion” early this month, an attack that crippled its main communications channels temporarily while its IT and other teams worked to sort things out.
No sensitive customer information was compromised, and the company’s communications channels were back up and running normally within a few days, said CEO Alex Shuford III. And while it was only a communications-related server that was directly impacted by the intrusion, it’s serving as a powerful reminder to keep digital security protocols regularly positioned on the business agenda and management playbook.
And given industry rumors that other suppliers have been hit with a similar bug, it’s a reminder that may prove useful for everyone.
Century and other Rock House Farm brands warned of the “malware intrusion,” on Facebook pages Nov. 1, noting it “caused temporary disruption to our ability to communicate via email, host our websites and access certain database resources.”
“That bad actor, for lack of a better analogy, sort of scrambled the eggs, and we had to go through the process of unscrambling them,” Shuford later told Home News Now. The breach didn’t lead to any significant production disruptions, but “we had a bull in the china shop for half a day” and that’s all it takes to cause some damage,” he said.
“It brought down some of our network connectivity between some of our production facilities,” Shuford said. “It didn’t (directly) impact the website, but it impacted our ability to communicate with the outside world. By choice, we turned off any outside connectivity until we could get our arms around it, and by definition, our website had to be down a few days.”
Social media, meanwhile, became the one channel through which Century could continue to communicate easily, and it did so, with regular progress reports. A Nov. 1 post by Shuford first alerted Facebook friends to the problem while noting, “No sensitive customer information was impacted by this intrusion nor was our core SAP database impacted.
“Please be patient with us as we work through this and send positive thoughts and energy,” he posted.
A Nov. 6 post said that while Century works on the issue, orders may be temporarily delayed. “Providing outstanding services to our customers is our top priority and please know we are working tirelessly to get our systems back up and running. Currently, we are able to manufacture products, but not yet able to process such products for shipping,” the company said.
“We are prioritizing systems in our factories so we can continue to craft furniture without significant lost time.”
Then on Nov. 10: “thanks to our incredibly diligent IT team, our systems are back up and running,” Shuford reported. “Also, with thanks to our operations team, we were also able to run our factories all last week and minimize any lost production time.”
Jerry Epperson, industry analyst and managing director of Richmond, Va.-based Mann, Armistead & Epperson, indicated Century may not be the lone industry supplier faced with a recent digital breach.
“On top of every other problem we’re having — with sourcing and missing deliveries and (problems getting) it out of the ports and getting trucks to bring it to the East Coast — on top of all this, we’re hearing a number of large manufacturers/importers are being hit with ransomware,” he said.
“There’s concern their computer systems are going to be compromised. I just can’t imagine anything worse than getting hit with ransomware in the middle of all this other stuff.”
Epperson declined to name any names on speculation. Home News Now checked with three suppliers who are rumored to be impacted, but only Century responded to the inquiry, and from all indications, the disruption was fairly minimal.
Asked if the Century’s intrusion involved ransomware, Shuford said he couldn’t comment, “but I’d tell you all of these things are done with the mindset that the person doing them can somehow monetize it.” He declined to delve too deep on the subject because a forensic firm currently is trying to determine the particulars.
At the time of the interview, Shuford didn’t know how access was gained or whether it was by an individual, a group or by some other method.
“Fortunately, for any company that has good protocols around backups and has a restore-and-recover plan, which we do, it’s not as much of a threat on the monetary side as it is a business disruption,” he said. Century didn’t lose any incoming orders, for instance, but it did have to catch up on processing them once things were back online. The company typically receives hundreds of emails daily, so “If you dam up the river and then break the dam, you get a thousand (emails) dropped in your lap.”
Shuford said he feels like he’s become a minor expert on the subject of digital breaches now that he’s read up on the topic since the incident, and one key takeaway is they happen a lot more often than most companies think.
The lesson? “Make sure you have a good backup and be thinking often about your Internet and data security, whether that means you have a meeting on it once a quarter or once a month,” he said.
“That’s certainly what we already do, and we’ll take it even more seriously going forward. You have to constantly be testing yourself for these kinds of disruptions, just as you test for supply chain disruptions or for power-interruption issues. That has to be part of the management book of risk assessment and durability testing.”
Shuford laughed when he added, “It’s 2020, so it certainly could have been worse.”
On Facebook, he thanked “the entire RHF family (inside and outside) for your kind thoughts and support. I especially want to thank our IT professionals who have been amazing as we navigate yet another 2020 hurdle. We are strong because of each of you!”