Nando's
October 26, 2020
•[ hack, retail ]
British Nando's customers have had their accounts compromised with the hackers hijacking their accounts to place largage orders.
Century 21
October 24, 2020
•[ insider, misconfiguration, retail ]
Hector Navarro, a former Human Resources systems administrator at Century 21's Manhattan department store, has been indicted for breaching the company's network to steal and alter data after resigning in October 2019.
Made in Oregon
October 22, 2020
•[ financial, malware, retail ]
A six-month-long data breach of Made in Oregon's e-commerce site has led to customers succumbing to fraud after their financial information was exposed.
Marks & Spencer customer
October 21, 2020
•[ social, phishing, retail ]
Criminals impersonate the CEO of Marks & Spencer to trick victims into sharing their bank account details.
Dickey's BBQ
October 15, 2020
•[ financial, malware, retail ]
Dickey's Barbecue Pit, the largest barbecue restaurant chain in the US, suffered a POS breach between July 2019 and August 2020, affecting 3 million customers.
Bigbasket
October 14, 2020
•[ leak, retail ]
Bigbasket, an Indian online grocery store, has suffered a data breach with the details of over 20 million people being exposed.
bigbasket
October 14, 2020
•[ leak, retail ]
In October 2020, the Indian grocery platform bigbasket suffered a data breach that exposed over 20 million customer records. The data was originally sold before being leaked publicly in April the following year and included email, IP and physical addresses, names, phones numbers, dates of birth passwords stored as Django(SHA-1) hashes.
Unnamed e-commerece platform
October 13, 2020
•[ financial, hack, leak ]
Indian authorities are searching for a hacker who accessed the confidential data of an e-commerce company and advertised the sale of the information on the dark net. The hacker allegedly demanded money from the owner of the company to take down the list.
Barnes & Noble
October 10, 2020
•[ ransomware, malware, retail ]
Barnes & Noble has confirmed a cyberattack impacting Nook services and potentially exposing customer data. The Egregor ransomware gang is claiming responsibility.
The North Face
October 8, 2020
•[ hack, brute-force, retail ]
The North Face was the victim of a credential stuffing attack in October.
Swatch Group
September 29, 2020
•[ hack, retail ]
The Swiss watch manufacturer, Swatch, shuts down its IT-systems in response to a cyberattack.
GenRx Pharmacy
September 27, 2020
•[ ransomware, malware, retail ]
GenRx Pharmacy has suffered a ransomware attack with the hackers removing some health information.
ShopBack
September 25, 2020
•[ hack, retail ]
Local authorities are investigating a data breach at home-grown e-commerce cashback platform ShopBack, after the firm made public an incident involving unauthorised access to customers' personal data.
Sam's Club
September 24, 2020
•[ hack, phishing, retail ]
Sam's Club has been notifying customers that may have been victims of credential stuffing and phishing attacks in mid-September.
Mr Bricolage
September 24, 2020
•[ ransomware, malware, retail ]
Mr Bricolage is hit with a ransomware attack.
PXMart
September 17, 2020
•[ social, phishing, retail ]
Scammers copy the Facebook fan page of the Taiwanese supermaket chain PXMart, with the aim of "doing something nasty to those who fell for the scam".
ShopBack
September 17, 2020
•[ hack, retail ]
In September 2020, the cashback reward program ShopBack suffered a data breach. The incident exposed over 20 million unique email addresses along with names, phone numbers, country of residence and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by dehashed.com.
Shopper+
September 14, 2020
•[ leak, retail ]
In March 2023, "Canada's online shopping mall" Shopper+ disclosed a data breach discovered on a public hacking forum. The breach dated back to September 2020 and included 878k customer records with email and physical addresses, names, phone numbers and in some cases, genders and dates of birth.
Warner Music Group
September 3, 2020
•[ hack, malware, retail ]
Warner Music Group fell victim to a Magecart attack between April 25 and August 5 of this year.
Staples
September 2, 2020
•[ leak, retail ]
Giant office retail company Staples informed some of its customers that data related to their orders has been accessed without authorization.
