Dairy Farm
January 14, 2021
•[ ransomware, malware, retail ]
Massive pan-Asian retail chain operator Dairy Farm Group was attacked this month by the REvil ransomware operation. The attackers claim to have demanded a $30 million ransom.
Bourse des Vols
January 12, 2021
•[ leak, sqlinjection, retail ]
In January 2021, the French travel company Bourse des Vols suffered a data breach that exposed 1.46M unique email addresses across more than 1.2k .sql files and over 9GB of data. The impacted data exposed personal information and travel histories including names, phone numbers, IP and physical addresses, dates of birth along with flights taken and purchases.
Guns.com
January 12, 2021
•[ hack, retail ]
In January 2021, the firearms website guns.com suffered a data breach. The breach exposed 376k unique email addresses along with names, phone numbers, physical addresses, gun purchases, partial credit card data, dates of birth and passwords stored as bcrypt hashes.
ModaOperandi
December 31, 2020
•[ leak, retail ]
A data broker is selling 368.8 million stolen user records from twenty-six companies on a hacker forum. One of these victims is ModaOperandi.com.
MEO
December 24, 2020
•[ leak, misconfiguration, retail ]
In early 2023, a corpus of data sourced from the New Zealand based face mask company MEO was discovered. Dating back to December 2020, the data contained over 8k customer records including names, addresses, phone numbers and passwords stored as MD5 Wordpress hashes. MEO did not respond to multiple attempts to report the breach.
Brendon GyermekruhKft
December 19, 2020
•[ ransomware, malware, retail ]
Brendon Gyermek., a retailer of baby clothes, reveals to have been hit with a Zeppelin ransomware attack.
Nygard
December 12, 2020
•[ ransomware, malware, retail ]
Nygard, a Canada-based fashion line, is hit with a ransomware attack.
Fax Express
December 11, 2020
•[ hack, retail ]
A hacked database belonging to Fax Express was found advertised on hacker forums.
Subway
December 11, 2020
•[ hack, malware, retail ]
Subway UK that a hacked system used for marketing campaigns was used for distributing phishing emails sent out to customers. The emails distributed Excel documents laden with the latest version of the Trickbot malware.
PickPoint
December 5, 2020
•[ hack, retail ]
Unidentified hackers attacked the checkpoints of PickPoint online order delivery service. As a result, lockers at the checkpoints were unlocked.
Kmart
December 3, 2020
•[ ransomware, malware, retail ]
Kmart has suffered a ransomware attack by the Egregor operators. The Windows domain for Kmart was compromised during the attack.
Intersport
December 2, 2020
•[ ransomware, malware, retail ]
Sporting goods retailer Intersport has been hit with a Conti ransomware attack. The threat actors have dumped more than two dozen files as proof of access.
Rand McNally
November 24, 2020
•[ hack, technology, retail ]
Transportation technology firm Rand McNally was hit by a cyberattack that disrupted certain portions of its computer network.
Headlam Group
November 24, 2020
•[ hack, retail ]
Floor coverings distributor Headlam Group has detected unauthorized access to some of its computer systems.
E-Land
November 22, 2020
•[ ransomware, malware, retail ]
South Korean fashion and retail conglomerate E-Land Group said it has suspended operations at nearly half of its stores in the country due to a ransomware attack.
Lazada
November 21, 2020
•[ leak, retail ]
Online retail operator, Lazada, insisted it was not responsible for leaking any online shoppers' data following a report claiming that about 13 million records from Lazada Thailand were being offered for sale on an underground trading forum.
MercadoLivre
November 18, 2020
•[ financial, malware, retail ]
Researchers from Cybereason Nocturnus discover Chaes a malware targeting the financial information of Brazilian customers of MercadoLivre, the largest Brazilian e-commerce platform.
Cencosud
November 15, 2020
•[ ransomware, malware, retail ]
Chilean retail giant Cencosud is attacked by the Egregor ransomware. It is unclear if data has been stolen, but printers in numerous retail outlets began printing out ransom notes as devices were encrypted.
