Circle K Hong Kong (Alimentation Couche-Tard)
September 21, 2025
•[ hack, retail ]
Circle K Hong Kong experienced a network disruption beginning September 21, 2025 that partially halted e-payment and loyalty systems across approximately 400 stores. The company described it as a suspected cyberattack. No data encryption or data theft was reported.
Harrods (via third-party service provider)
September 20, 2025
•[ leak, retail ]
The luxury retailer Harrods disclosed that a third-party service provider was compromised, leading to exposure of roughly 430,000 customer records. The company confirmed no encryption, ransom activity, or service disruption occurred.
Auchan
August 26, 2025
•[ hack, retail ]
French retailer Auchan suffered a cyberattack that resulted in unauthorized access to loyalty account data of several hundred thousand customers, including names, postal and email addresses, phone numbers, and loyalty card numbers. Financial data such as banking details, passwords, and PINs were not compromised. Auchan notified affected individuals, deactivated cards, and reported the breach to CNIL.
Multiple Italian Hotels (via booking platform)
August 20, 2025
•[ leak, retail ]
A massive data breach hit multiple Italian hotels in August 2025 through a centralized booking platform, exposing customer PII, payment card data, and stay details; no ransomware encryption or disruption was reported.
YES24
August 11, 2025
•[ ransomware, malware, retail ]
On August 11, 2025, YES24 suffered its second ransomware attack in two months, leading to encrypted systems and major disruption of Korea's largest internet bookstore. The incident disrupted online sales and order processing; the company did not disclose the exact ransomware group or number of customers impacted, but stated operations were severely affected.
99 Cents Only
August 1, 2025
•[ ransomware, retail ]
INC Ransom claims to have breached Dollar Tree
Chanel
July 25, 2025
•[ social, retail ]
Threat actors accessed Chanel's Salesforce-hosted database at a third-party provider via social-engineering/OAuth tactics; data theft detected July 25, 2025; U.S. customer contact details exposed; no operational disruption reported.
Pandora (jewelry retailer)
July 20, 2025
•[ leak, retail ]
Pandora confirmed that a third-party vendor holding marketing/customer data was compromised, exposing PII of around 30,000 individuals; no passwords, financial, or payment data stolen.
Kering
June 12, 2025
•[ hack, leak, retail ]
Kering confirms June 2025 intrusion affecting multiple brands; ShinyHunters claims Salesforce-based exfiltration (43M+ Gucci, ~13M others); media verified samples and 7.4M unique emails; Kering says no financial/ID data; denies negotiations, which DataBreaches disputes with chat logs and a BTC micro-payment.
Phil Smith Automotive Group
June 10, 2025
•[ hack, retail ]
Unauthorized access to Phil Smith Automotive Group systems resulted in exfiltration of personal data. Approximately 12,274 individuals were affected. No encryption occurred; breach notices were mailed July 31, 2025.
Tiffany & Co
May 12, 2025
•[ leak, retail ]
Tiffany determined on 09/09/2025 that an unauthorized party accessed gift card-related customer data from an incident occurring ~05/12/2025; 2,590 customers affected; exposed data include PII and gift card number + PIN; separate earlier Korea/vendor incident noted but relation unclear.
The Lovesac Company
February 12, 2025
•[ ransomware, leak, retail ]
Lovesac confirmed a data breach after a ransomware site listing; letters say attackers accessed internal systems between Feb 12 and Mar 3, stole PII, and the firm offered 24 months of credit monitoring; RansomHub claimed the attack and threatened leaks; no encryption/service disruption reported.
Conad
January 27, 2025
•[ ransomware, malware, retail ]
Conad, an important wholesale chain in Italy, is hit with a Lynx ransomware attack.
Jan Nygaard AS, a major BMW & MINI dealership in Denmark
January 25, 2025
•[ ransomware, hack, malware ]
The large BMW and Mini dealer Jan Nygaard, which has a turnover of more than two billion kroner, is warning its customers, following Computerworld's revelation on Tuesday morning, that their data may have been stolen by a ransomware group during a hacker attack more than three weeks ago.
Cycle & Carriage Singapore
January 21, 2025
•[ hack, leak, retail ]
Cycle & Carriage Singapore disclosed a data breach in which attackers accessed an application server and exfiltrated ~147,000 customer records. No encryption or disruption of operations was reported.
Frame & Optic
January 16, 2025
•[ leak, retail ]
In January 2025, the eyewear seller Frame & Optic suffered a data breach. The incident exposed almost 16k unique email addresses along with names, phone numbers and geolocation data including country, state and postcode. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".
Avery Products Corporation
January 13, 2025
•[ financial, hack, retail ]
Avery Products Corporation warns it suffered a data breach after its website was hacked to steal customers' credit cards and personal information.
Green Bay Packers (Online Store)
January 6, 2025
•[ financial, hack, malware ]
The Green Bay Packers American football team notifies fans that a threat actor hacked its official online retail store in October and injected a card skimmer script to steal customers' personal and payment information.
STIIIZY
January 1, 2025
•[ ransomware, retail ]
Popular cannabis brand STIIIZY discloses a data breach after threat actors breached its point-of-sale (POS) vendor to steal customer information, including government IDs and purchase information. The Everest ransomware group claims responsibility for the attack.
PANDORA
January 1, 2025
•[ hack, retail ]
Hacked third-party service.