Retail & E-Commerce Data Breaches — Customer & Payment Compromises

Retail & E-Commerce Data Breaches (595 indexed)

critical · retail · May 2, 2025

Co-op Group (UK)

DragonForce ransomware stole 20M customer records — payment and membership data exposed

View incident → Original disclosure Indexed 11 months, 1 week ago

medium · retail · May 1, 2025

Harrods (UK)

Luxury retailer confirmed cyber incident — restricted internet access as precaution

View incident → Original disclosure Indexed 11 months, 1 week ago

medium · retail · May 1, 2025

Adidas (Customer Service Platform)

Customer contact information exposed via unauthorized access to support platform

View incident → Original disclosure Indexed 11 months, 1 week ago

critical · retail · May 1, 2025

Etsy

1.1M seller records compromised in targeted attack

View incident → Original disclosure Indexed 11 months, 1 week ago

medium · retail · May 1, 2025

Harrods Department Store (UK)

Attempted cyberattack forced internet shutdown across all stores — systems isolated

View incident → Original disclosure Indexed 11 months, 1 week ago

critical · retail · Apr 22, 2025

Marks & Spencer (UK)

3.2M customer records exposed in DragonForce ransomware attack — loyalty and contact data

View incident → Original disclosure Indexed 11 months, 2 weeks ago

high · retail · Apr 22, 2025

Marks & Spencer Cyber Incident

Cyberattack disrupted online ordering and contactless payments across UK stores

View incident → Original disclosure Indexed 11 months, 2 weeks ago

medium · retail · Apr 13, 2025

Samsung Germany Customer Tickets

216,333 records exposed — Email addresses, Names, Physical addresses, Purchases and 3 more

View incident → Original disclosure Indexed 11 months, 4 weeks ago

critical · retail · Apr 10, 2025

Royal Ahold Delhaize

1.1M customer records exposed via Albert Heijn loyalty breach

View incident → Original disclosure Indexed 1 year ago

high · retail · Apr 9, 2025

Qraved

984,519 records exposed — Dates of birth, Email addresses, Names, Passwords and 1 more

View incident → Original disclosure Indexed 1 year ago

high · retail · Apr 8, 2025

Boulanger

2,077,078 records exposed — Email addresses, Geographic locations, Names, Phone numbers and 1 more

View incident → Original disclosure Indexed 1 year ago

high · retail · Apr 1, 2025

JB Hi-Fi

670K customer records compromised in credential stuffing

View incident → Original disclosure Indexed 1 year ago

high · retail · Apr 1, 2025

Leon's Furniture

340K customer records compromised

View incident → Original disclosure Indexed 1 year ago

high · retail · Mar 19, 2025

Lexipol

672,546 records exposed — Email addresses, Names, Passwords, Phone numbers and 1 more

View incident → Original disclosure Indexed 1 year ago

critical · retail · Mar 7, 2025

Dollar Tree / Family Dollar

2M customer and employee records exposed via Zeroed-In Technologies vendor breach

View incident → Original disclosure Indexed 1 year, 1 month ago

high · retail · Mar 5, 2025

Allegro (Poland)

780K customer records exposed in platform breach

View incident → Original disclosure Indexed 1 year, 1 month ago

high · retail · Mar 5, 2025

Gap Inc

780K customer records exposed in loyalty platform breach

View incident → Original disclosure Indexed 1 year, 1 month ago

high · retail · Mar 2, 2025

Flat Earth Sun, Moon and Zodiac App

33,294 records exposed — Dates of birth, Email addresses, Genders, Geographic locations and 3 more

View incident → Original disclosure Indexed 1 year, 1 month ago

high · retail · Feb 18, 2025

Party City

540K customer records exposed in cyberattack during bankruptcy proceedings

View incident → Original disclosure Indexed 1 year, 1 month ago

critical · retail · Feb 16, 2025

Storenvy

11,052,071 records exposed — Dates of birth, Email addresses, Genders, Geographic locations and 3 more

View incident → Original disclosure Indexed 1 year, 1 month ago

critical · retail · Feb 11, 2025

Royal Mail (UK)

44M customer shipping records exposed in LockBit ransomware attack — addresses, tracking data

View incident → Original disclosure Indexed 1 year, 2 months ago

high · retail · Feb 10, 2025

Hertz / Dollar / Thrifty

Cl0p exploited Cleo file-transfer platform — customer driver's license and payment data exposed

View incident → Original disclosure Indexed 1 year, 2 months ago

high · retail · Feb 5, 2025

Grupo Bimbo (Mexico)

560K employee and supply records compromised

View incident → Original disclosure Indexed 1 year, 2 months ago

high · retail · Feb 1, 2025

Grubhub

Third-party contractor breach exposed customer and driver records

View incident → Original disclosure Indexed 1 year, 2 months ago