Spinneys
August 4, 2022
•[ ransomware, malware, retail ]
Spinneys, a major retailer in UAE, discloses a ransomware attack.
See Tickets
August 1, 2022
•[ financial, malware, retail ]
Ticketing service provider 'See Tickets' discloses a data breach, informing customers that cybercriminals might have accessed their payment card details via a skimmer on its website.
Union Auction Public Company Limited.
July 31, 2022
•[ leak, retail ]
DESORDEN claims to have stolen the personal data of 30,000+ individuals from Union Auction Public Company Limited.
Rede Top
July 26, 2022
•[ hack, retail ]
The supermarket group Rede Top is hit with a cyber attack.
The North Face
July 26, 2022
•[ hack, brute-force, retail ]
Outdoor apparel brand 'The North Face' is targeted in a large-scale credential stuffing attack resulting in the hacking of 194,905 accounts on the thenorthface.com website.
Better Way Thailand Company Limited
July 19, 2022
•[ leak, retail ]
Desorden claims to have breached Better Way Thailand Company Limited, a personal care products and cosmetics distributor, and stolen 180 GB of data and 60 GB of files, affecting more than 20 million individuals.
Disk Union
June 24, 2022
•[ leak, misconfiguration, retail ]
In June 2022, the Japanese record chain store Disk Union suffered a data breach. The incident exposed 690k unique email addresses along with names, post codes, phone numbers and plain text passwords.
Mcdonald's
June 22, 2022
•[ ransomware, malware, retail ]
SNATCH executed exfiltration of data and ransomeware in targeted network. Data presented on dark web "leak site"
Shoprite Holdings
June 10, 2022
•[ ransomware, malware, retail ]
Shoprite Holdings, Africa's largest supermarket chain that operates almost three thousand stores across twelve countries in the continent, is hit by a RansomHouse ransomware attack.
Optimism Foundation
June 8, 2022
•[ financial, retail ]
The Optimism Foundation suffers a $16 million worth theft of tokens. Shortly after the attacker returns $15 million.
Rainier Arms
June 7, 2022
•[ financial, malware, retail ]
Rainier Arms, an e-commerce site, discloses a data breach resulting from card skimmer infection on its site.
Numrich Gun Parts Corporation
June 6, 2022
•[ financial, malware, retail ]
Numrich Gun Parts Corporation, an e-commerce site, discloses a data breach resulting from card skimmer infection on its site.
Zola
May 21, 2022
•[ financial, brute-force, retail ]
Wedding registry website Zola confirms that it was hit with a cyberattack after dozens of customers complained on social media about their accounts being drained or breached.
Machatt Co., Ltd.
May 18, 2022
•[ hack, retail ]
Machatt Co., Ltd. issues a notice in which it addressed a data breach potentially affecting the personal information of up to 16,093 customers. In particular, Machatt confirmed that it discovered that personal information of customers from the Machatt online store operated by its company may have been leaked due to unauthorised access by a third party.
Hokusen Co.
May 16, 2022
•[ leak, retail ]
Hokusen Co., issues a notice in which it addressed a data breach potentially affecting the personal information of up to 44,559 customers, when it discovered that personal information may have been leaked due to unauthorised access by a third party.
Amart Furniture
May 16, 2022
•[ leak, retail ]
In May 2022, the Australian retailer Amart Furniture advised that their warranty claims database hosted on Amazon Web Services had been the target of a cyber attack. Over 100k records containing email and physical address, names, phone numbers and passwords stored as bcrypt hashes were exposed and shared online by the attacker.
Americanas
May 13, 2022
•[ financial, retail ]
Brazilian e-commerce conglomerate Americanas.com report a multimillion-dollar loss in sales in its financial results (923 million Brazilian reais equivalent to $183 million) after a major cyber attack earlier this year.
Dis-Chem Pharmacies
May 1, 2022
•[ leak, retail ]
Dis-Chem Pharmacies reveals that nearly 3.7 million of its clients' records were compromised during an incident involving a third-party service provider.
Fanpass
April 30, 2022
•[ leak, retail ]
In April 2022, the UK based website for buying and selling soccer tickets Fanpass suffered a data breach which exposed 112k customer records. Impacted data includes names, phone numbers, physical addresses, purchase histories and salted password hashes. The data was provided to HIBP by a source who requested it be attributed to "breaches.net".
Fonseca Supermarkets
April 28, 2022
•[ ransomware, malware, retail ]
Vice Society encrypts network and threatens to leak data on their dark web portal.
