Retail & E-Commerce Data Breaches — Customer & Payment Compromises

Retail & E-Commerce Data Breaches (595 indexed)

high · retail · Nov 27, 2023

Jam Tangan

434,784 records exposed — Email addresses, IP addresses, Names, Passwords and 2 more

View incident → Original disclosure Indexed 2 years, 4 months ago

high · retail · Nov 24, 2023

KitchenPal

98,726 records exposed — Dates of birth, Email addresses, Genders, Geographic locations and 4 more

View incident → Original disclosure Indexed 2 years, 4 months ago

high · retail · Nov 17, 2023

Staples Office Supplies

120K customer records exposed after cyberattack disrupted online ordering for 5 days

View incident → Original disclosure Indexed 2 years, 4 months ago

high · retail · Nov 5, 2023

Crate & Barrel / CB2

320K customer records exposed via web skimmer injection on checkout pages

View incident → Original disclosure Indexed 2 years, 5 months ago

high · retail · Nov 3, 2023

Fitmart

214,492 records exposed — Email addresses, Passwords

View incident → Original disclosure Indexed 2 years, 5 months ago

medium · retail · Nov 1, 2023

Ontario Cannabis Store

Postal service partner breach exposed customer names and delivery addresses

View incident → Original disclosure Indexed 2 years, 5 months ago

critical · retail · Nov 1, 2023

Hot Topic (credential stuffing)

5.7M customer records exposed across brands

View incident → Original disclosure Indexed 2 years, 5 months ago

high · retail · Oct 29, 2023

Ace Hardware Corporation

1,200 franchise locations affected by cyberattack — inventory and POS systems disrupted

View incident → Original disclosure Indexed 2 years, 5 months ago

high · retail · Oct 29, 2023

Ace Hardware (Cooperative)

1,200+ servers encrypted in cyberattack — 80% of systems affected

View incident → Original disclosure Indexed 2 years, 5 months ago

critical · retail · Oct 21, 2023

Tunngle

8,192,928 records exposed — Email addresses, IP addresses, Passwords, Usernames

View incident → Original disclosure Indexed 2 years, 5 months ago

critical · retail · Oct 17, 2023

AndroidLista

6,640,643 records exposed — Email addresses, Names, Passwords, Usernames

View incident → Original disclosure Indexed 2 years, 5 months ago

high · retail · Oct 10, 2023

Air Europa (Spain)

Payment card data stolen from reservation system — customers told to cancel credit cards

View incident → Original disclosure Indexed 2 years, 6 months ago

critical · retail · Oct 5, 2023

Hjedd

13,204,029 records exposed — Email addresses, IP addresses, Passwords, Usernames

View incident → Original disclosure Indexed 2 years, 6 months ago

high · retail · Oct 2, 2023

Horse Isle

27,786 records exposed — Email addresses, Genders, IP addresses, Names and 3 more

View incident → Original disclosure Indexed 2 years, 6 months ago

critical · retail · Sep 20, 2023

American Airlines

5.7M customer records exposed via compromised employee email accounts — flight and passport data

View incident → Original disclosure Indexed 2 years, 6 months ago

medium · retail · Sep 15, 2023

Aritzia (Vancouver)

Customer order data exposed in vendor breach

View incident → Original disclosure Indexed 2 years, 6 months ago

high · retail · Sep 14, 2023

Clorox / Burt's Bees

Ransomware disrupted consumer goods production — $49M quarterly loss from order backlog

View incident → Original disclosure Indexed 2 years, 6 months ago

critical · retail · Sep 11, 2023

MGM Resorts International

$100M loss from Scattered Spider social engineering — casino and hotel systems down 10 days

View incident → Original disclosure Indexed 2 years, 7 months ago

high · retail · Sep 10, 2023

Dick's Sporting Goods

590K customer records exposed via compromised warehouse management system — addresses leaked

View incident → Original disclosure Indexed 2 years, 7 months ago

high · retail · Sep 8, 2023

Dymocks

836,120 records exposed — Dates of birth, Email addresses, Genders, Names and 2 more

View incident → Original disclosure Indexed 2 years, 7 months ago

medium · retail · Sep 8, 2023

Planet Fitness

58K customer records exposed

View incident → Original disclosure Indexed 2 years, 7 months ago

critical · retail · Sep 7, 2023

Caesars Entertainment

SSNs and loyalty program data stolen — paid $15M ransom to attackers

View incident → Original disclosure Indexed 2 years, 7 months ago

high · retail · Sep 6, 2023

Dymocks Books (Australia)

1.24M customer records stolen from Australia's largest bookstore chain

View incident → Original disclosure Indexed 2 years, 7 months ago

medium · retail · Sep 5, 2023

Pizza Hut Australia

193K customer records stolen — delivery addresses, order history, and partial payment data

View incident → Original disclosure Indexed 2 years, 7 months ago