Retail & E-Commerce Data Breaches — Customer & Payment Compromises

Retail & E-Commerce Data Breaches (594 indexed)

high · retail · Jan 28, 2026

Target Corporation (2026)

890K customer credit applications and RedCard data exposed via compromised credit processor

View incident → Original disclosure Indexed 2 months, 2 weeks ago

critical · retail · Jan 19, 2026

Raaga

10,225,145 records exposed — Ages, Dates of birth, Email addresses, Genders and 3 more

View incident → Original disclosure Indexed 2 months, 3 weeks ago

high · retail · Jan 15, 2026

Alimentation Couche-Tard (Canada)

620K Circle K loyalty customer records stolen from Canadian convenience store operator

View incident → Original disclosure Indexed 2 months, 3 weeks ago

critical · retail · Jan 13, 2026

Costco Wholesale

1.9M customer records stolen from payment processing system via skimming malware at warehouses

View incident → Original disclosure Indexed 2 months, 4 weeks ago

high · retail · Jan 10, 2026

Starbucks Corporation

950K rewards member records exposed via API vulnerability in mobile order-ahead system

View incident → Original disclosure Indexed 3 months ago

high · retail · Jan 10, 2026

MEC (Mountain Equipment)

450K member records compromised

View incident → Original disclosure Indexed 3 months ago

medium · retail · Jan 5, 2026

Sleep Country Canada

190K customer records compromised

View incident → Original disclosure Indexed 3 months ago

high · retail · Jan 5, 2026

Falabella (Chile)

450K customer records stolen

View incident → Original disclosure Indexed 3 months ago

critical · retail · Dec 2, 2025

Amazon (Ring / Alexa)

2.8M smart home device user records exposed via misconfigured internal analytics pipeline

View incident → Original disclosure Indexed 4 months, 1 week ago

high · retail · Dec 1, 2025

Cineplex

890K customer records stolen

View incident → Original disclosure Indexed 4 months, 1 week ago

high · retail · Dec 1, 2025

Sainsbury's

670K customer records exposed via vendor breach

View incident → Original disclosure Indexed 4 months, 1 week ago

high · retail · Nov 22, 2025

Staples Inc.

Customer order data and employee information compromised in November cyberattack

View incident → Original disclosure Indexed 4 months, 2 weeks ago

medium · retail · Nov 20, 2025

Vultr

187,872 records exposed — Email addresses, Geographic locations, IP addresses, Names

View incident → Original disclosure Indexed 4 months, 3 weeks ago

medium · retail · Nov 20, 2025

Eurofiber

10,003 records exposed — Email addresses, Names, Phone numbers

View incident → Original disclosure Indexed 4 months, 3 weeks ago

critical · retail · Nov 18, 2025

Walmart (eCommerce)

3.5M marketplace seller records exposed via compromised Walmart Connect advertising platform

View incident → Original disclosure Indexed 4 months, 3 weeks ago

high · retail · Nov 5, 2025

Best Buy (vendor incident)

560K customer records compromised through third-party

View incident → Original disclosure Indexed 5 months ago

high · retail · Nov 5, 2025

Publix Super Markets

450K customer records compromised

View incident → Original disclosure Indexed 5 months ago

high · retail · Nov 1, 2025

Legends International

Fan payment and personal data — NFL, MLB, NHL, NBA venues

View incident → Indexed 5 months, 1 week ago

critical · retail · Nov 1, 2025

H&M Group

1.2M customer records compromised

View incident → Original disclosure Indexed 5 months, 1 week ago

high · retail · Oct 5, 2025

Best Buy Electronics

620K customer records exposed via credential stuffing on My Best Buy rewards program

View incident → Original disclosure Indexed 6 months ago

high · retail · Oct 4, 2025

Artists&Clients

95,351 records exposed — Email addresses, IP addresses, Passwords, Usernames

View incident → Original disclosure Indexed 6 months, 1 week ago

critical · retail · Oct 1, 2025

Canadian Tire Corporation

38M unique email addresses with names, phone numbers, and partial credit card data

View incident → Original disclosure Indexed 6 months, 1 week ago

high · retail · Oct 1, 2025

Aritzia

280K customer records exposed via vendor platform

View incident → Original disclosure Indexed 6 months, 1 week ago

high · retail · Sep 25, 2025

Cultura

1,462,025 records exposed — Email addresses, Names, Phone numbers, Physical addresses and 1 more

View incident → Original disclosure Indexed 6 months, 2 weeks ago