LoveSac furniture company reports Data Breach following ransomware attack
Learn More
The LoveSac Company is reporting a data breach following a ransomware attack that resulted in unauthorized access to its internal systems and the theft of sensitive personal information.
The attack was claimed by the RansomHub ransomware group in early March 2025. The company first detected suspicious activity within its network on February 28, 2025. An investigation confirmed that an unauthorized threat actor had accessed and stolen data from LoveSac's infrastructure between February 12 and March 3, 2025.
On March 6, 2025, RansomHub publicly claimed responsibility for the breach on their dark web leak site, threatening to publish the stolen information unless a ransom payment was made.
LoveSac has not disclosed the categories of exposed data but the company's notifications indicate that the compromised information included:
- Names of customers and individuals
- Unspecified sensitive personal identifiers
The number of affected individuals has not been disclosed by the company.
As a precautionary measure, the company is providing affected individuals with two years of complimentary identity monitoring and credit protection services.
