Zara Data Breach Exposes Information of 197,000 Customers

Severity: High (Score: 64.5)

Sources: Securityaffairs.Co, haveibeenpwned.com, Bleepingcomputer

Summary

Zara experienced a data breach affecting over 197,000 customers, attributed to the ShinyHunters extortion group. The breach involved a compromise of the Anodot analytics platform, leading to the theft of unique email addresses, product SKUs, order IDs, and support ticket details. Inditex, Zara's parent company, confirmed that sensitive information such as passwords and payment details were not compromised. The attackers leaked a 140GB archive containing the stolen data. Inditex has initiated security protocols and is notifying relevant authorities. The incident highlights ongoing vulnerabilities associated with third-party service providers. The ShinyHunters group has been linked to multiple breaches across various sectors, indicating a broader trend of targeted cyberattacks. As of now, the specific threat actor has not been officially confirmed by Inditex. Key Points: • Over 197,000 customers affected by Zara data breach linked to ShinyHunters group. • Compromised data includes unique email addresses, product SKUs, and order IDs. • Inditex confirmed no access to passwords or payment information.

Key Entities

• ShinyHunters (apt_group)
• Data Breach (attack_type)
• Pay Or Leak (campaign)
• 7-Eleven (company)
• Adobe (company)
• ADT (company)
• Atlassian (company)
• Bershka (company)
• Dropbox (tool)
• Slack (platform)
• Udemy (platform)
• Vimeo (platform)
• Google Workspace (platform)
• Microsoft 365 (platform)
• Fashion (industry)
• Retail (industry)
• Technology (industry)
• T1041 - Exfiltration Over C2 Channel (mitre_attack)
• T1195 - Supply Chain Compromise (mitre_attack)
• T1566.003 - Spearphishing Via Service (mitre_attack)