Retail & E-Commerce Data Breaches — Customer & Payment Compromises

Retail & E-Commerce Data Breaches (599 indexed)

critical · retail · Feb 11, 2025

Royal Mail (UK)

44M customer shipping records exposed in LockBit ransomware attack — addresses, tracking data

View incident → Original disclosure Indexed 1 year, 2 months ago

high · retail · Feb 10, 2025

Hertz / Dollar / Thrifty

Cl0p exploited Cleo file-transfer platform — customer driver's license and payment data exposed

View incident → Original disclosure Indexed 1 year, 2 months ago

high · retail · Feb 5, 2025

Grupo Bimbo (Mexico)

560K employee and supply records compromised

View incident → Original disclosure Indexed 1 year, 2 months ago

high · retail · Feb 1, 2025

Grubhub

Third-party contractor breach exposed customer and driver records

View incident → Original disclosure Indexed 1 year, 3 months ago

medium · retail · Jan 22, 2025

Welhof

107,292 records exposed — Email addresses, Names, Physical addresses, Purchases

View incident → Original disclosure Indexed 1 year, 3 months ago

critical · retail · Jan 10, 2025

Empire Company (Sobeys)

1.2M customer records exposed in ransomware recovery data leak

View incident → Original disclosure Indexed 1 year, 3 months ago

high · retail · Jan 10, 2025

Williams-Sonoma

450K customer records compromised via vendor

View incident → Original disclosure Indexed 1 year, 3 months ago

critical · retail · Jan 10, 2025

Wesfarmers (Bunnings/Kmart)

1.5M customer records exposed in loyalty platform breach

View incident → Original disclosure Indexed 1 year, 3 months ago

high · retail · Jan 5, 2025

Coles Group

560K customer records compromised via third-party platform

View incident → Original disclosure Indexed 1 year, 3 months ago

high · retail · Jan 3, 2025

GLAMIRA

874,594 records exposed — Email addresses, Names, Phone numbers, Purchases

View incident → Original disclosure Indexed 1 year, 3 months ago

high · retail · Jan 1, 2025

Zacks Investment Research

12M user records exposed — emails, usernames, IP addresses leaked

View incident → Original disclosure Indexed 1 year, 4 months ago

high · retail · Dec 19, 2024

schenkYOU

237,349 records exposed — Dates of birth, Email addresses, Names, Passwords

View incident → Original disclosure Indexed 1 year, 4 months ago

high · retail · Dec 19, 2024

Young Living Essential Oils

1,128,951 records exposed — Dates of birth, Email addresses, Geographic locations, Names

View incident → Original disclosure Indexed 1 year, 4 months ago

critical · retail · Dec 13, 2024

VF Corporation

35.5M customer records stolen in ALPHV ransomware attack — The North Face, Vans, Timberland parent

View incident → Original disclosure Indexed 1 year, 4 months ago

high · retail · Dec 5, 2024

Tractor Supply Co

450K customer records compromised via POS malware

View incident → Original disclosure Indexed 1 year, 4 months ago

critical · retail · Dec 5, 2024

Carrefour Group

1.3M customer loyalty records stolen

View incident → Original disclosure Indexed 1 year, 4 months ago

high · retail · Dec 5, 2024

Heineken

340K employee records compromised

View incident → Original disclosure Indexed 1 year, 4 months ago

high · retail · Dec 1, 2024

Morrisons Supermarkets

890K customer records stolen in supply chain attack

View incident → Original disclosure Indexed 1 year, 5 months ago

critical · retail · Nov 11, 2024

Hot Topic

350M customer records exposed — largest retail breach of 2024

View incident → Original disclosure Indexed 1 year, 5 months ago

high · retail · Nov 10, 2024

Southwest Airlines

2.3M customer records exposed via compromised travel booking partner API

View incident → Original disclosure Indexed 1 year, 5 months ago

high · retail · Nov 5, 2024

Dennis Kirk

1,356,026 records exposed — Email addresses, Geographic locations, Names, Phone numbers and 1 more

View incident → Original disclosure Indexed 1 year, 5 months ago

high · retail · Nov 5, 2024

eBay (Marketplace)

5.2M seller records exposed via API scraping — business addresses and revenue data

View incident → Original disclosure Indexed 1 year, 5 months ago

high · retail · Nov 1, 2024

Burlington Stores

340K customer records stolen in credential harvesting

View incident → Original disclosure Indexed 1 year, 6 months ago

critical · retail · Oct 31, 2024

Stalker Online

1,385,472 records exposed — Email addresses, IP addresses, Passwords, Usernames

View incident → Original disclosure Indexed 1 year, 6 months ago