Retail & E-Commerce Data Breaches — Customer & Payment Compromises

Retail & E-Commerce Data Breaches (594 indexed)

critical · retail · Sep 12, 2025

Home Depot (2025)

1.7M customer records exposed via compromised SaaS vendor managing pro contractor accounts

View incident → Original disclosure Indexed 6 months, 4 weeks ago

high · retail · Sep 10, 2025

Foot Locker

390K customer loyalty program records stolen including purchase history and contact data

View incident → Original disclosure Indexed 7 months ago

high · retail · Sep 1, 2025

Giglio

1,026,468 records exposed — Email addresses, Names, Phone numbers, Physical addresses

View incident → Original disclosure Indexed 7 months, 1 week ago

critical · retail · Sep 1, 2025

Lowe's

1.3M customer records exposed via contractor portal breach

View incident → Original disclosure Indexed 7 months, 1 week ago

critical · retail · Sep 1, 2025

Albertsons / Safeway

1.5M pharmacy records exposed

View incident → Original disclosure Indexed 7 months, 1 week ago

high · retail · Aug 20, 2025

Kroger Grocery Stores

890K customer records exposed via compromised pharmacy benefits manager integration

View incident → Original disclosure Indexed 7 months, 3 weeks ago

high · retail · Aug 5, 2025

IKEA (parent Ingka)

670K customer records exposed in supply chain attack

View incident → Original disclosure Indexed 8 months ago

high · retail · Aug 1, 2025

Maple Leaf Foods

560K supply chain records compromised in ransomware

View incident → Original disclosure Indexed 8 months, 1 week ago

high · retail · Jul 15, 2025

Kohl's

670K customer records stolen

View incident → Original disclosure Indexed 8 months, 3 weeks ago

critical · retail · Jul 15, 2025

Loblaws Digital (PC Optimum)

2.1M loyalty program records exposed

View incident → Original disclosure Indexed 8 months, 3 weeks ago

high · retail · Jul 15, 2025

Five Below

340K customer payment records compromised

View incident → Original disclosure Indexed 8 months, 3 weeks ago

high · retail · Jul 15, 2025

Harvey Norman

340K customer records stolen via compromised e-commerce platform

View incident → Original disclosure Indexed 8 months, 3 weeks ago

high · retail · Jul 1, 2025

El Corte Ingles

670K customer loyalty records stolen

View incident → Original disclosure Indexed 9 months, 1 week ago

medium · retail · Jun 25, 2025

Robinsons Malls

195,597 records exposed — Dates of birth, Email addresses, Genders, Geographic locations and 2 more

View incident → Original disclosure Indexed 9 months, 2 weeks ago

critical · retail · Jun 15, 2025

Marks and Spencer

1.3M customer loyalty records exposed

View incident → Original disclosure Indexed 9 months, 3 weeks ago

critical · retail · Jun 15, 2025

Target Corporation (2025)

2.1M customer records exposed via compromised third-party loyalty platform integration

View incident → Original disclosure Indexed 9 months, 3 weeks ago

high · retail · Jun 10, 2025

WiredBucks

918,529 records exposed — Earnings, Email addresses, IP addresses, Names and 3 more

View incident → Original disclosure Indexed 10 months ago

high · retail · Jun 7, 2025

Disk Union

690,667 records exposed — Email addresses, Geographic locations, Names, Passwords and 2 more

View incident → Original disclosure Indexed 10 months ago

high · retail · Jun 5, 2025

AutoZone

184K customer records exposed including SSNs via MOVEit Transfer vulnerability exploitation

View incident → Original disclosure Indexed 10 months ago

critical · retail · Jun 1, 2025

WestJet Airlines

1.2M passenger records including government IDs and travel documents

View incident → Original disclosure Indexed 10 months, 1 week ago

critical · retail · May 14, 2025

Woolworths Group (Australia 2025)

2.2M MyDeal customer records stolen via compromised subsidiary marketplace platform

View incident → Original disclosure Indexed 10 months, 4 weeks ago

critical · retail · May 8, 2025

OnRPG

1,047,640 records exposed — Email addresses, IP addresses, Passwords, Usernames

View incident → Original disclosure Indexed 11 months ago

critical · retail · May 4, 2025

Sobeys / Empire Company

6.2M customer records compromised in Black Basta ransomware attack on Canadian grocery chain

View incident → Original disclosure Indexed 11 months, 1 week ago

critical · retail · May 2, 2025

Co-op Group (UK)

DragonForce ransomware stole 20M customer records — payment and membership data exposed

View incident → Original disclosure Indexed 11 months, 1 week ago