Lidl Data Breach Exposes Customer Information from IT Service Provider

Lidl Data Breach Exposes Customer Information from IT Service Provider

First seen 11 Jul 2026, 19:24 UTC Ground.NewsHeise.Dewww.lalibre.bewww.rd.nlwww.nu.nl+1 92% similarity 51.9

Article Content

Browse articles
ThreatCluster

Lidl has confirmed a data breach involving unauthorized access to customer data from an external IT service provider. The breach allowed attackers to steal personal information, including names, email addresses, phone numbers, and birth dates. Lidl has notified affected customers and the relevant data protection authority, but has not disclosed the number of individuals impacted. The company clarified that payment information and passwords were not compromised, and the central database of the online shop system remained secure. The service provider has taken measures to secure its IT systems and has filed a criminal complaint regarding the incident. Customers are advised to remain vigilant against potential phishing attacks. No evidence of data misuse has been reported so far.

Key Points: • Lidl's data breach involved customer information stolen from an external IT service provider. • Personal data accessed includes names, emails, phone numbers, and birth dates, but not payment info. • Affected customers have been notified, and the incident has been reported to the data protection authority.

ThreatCluster AI

Timeline

2026-07-10
Lidl announces data breach
Lidl reported unauthorized access to customer data from an external IT service provider, notifying affected customers.
Ground.News
2026-07-10
Data protection authority notified
Lidl informed the relevant data protection authority about the data breach involving customer information.
Heise.De
2026-07-10
Service provider secures systems
The IT service provider involved in the breach took immediate measures to secure its systems and filed a criminal complaint.
Heise.De

Community

Browse all →