Retail & E-Commerce Data Breaches — Customer & Payment Compromises

Retail & E-Commerce Data Breaches (599 indexed)

high · retail · Aug 5, 2024

Nordstrom

340K customer loyalty records exposed

View incident → Original disclosure Indexed 1 year, 8 months ago

high · retail · Aug 5, 2024

GameStop

340K customer records exposed — payment card data and Power Up Rewards member information

View incident → Original disclosure Indexed 1 year, 8 months ago

high · retail · Aug 3, 2024

Avis Budget Group

299K customer records accessed via business application vulnerability

View incident → Original disclosure Indexed 1 year, 8 months ago

critical · retail · Aug 2, 2024

LuLu

2,796,835 records exposed — Email addresses, Names, Passwords, Phone numbers and 2 more

View incident → Original disclosure Indexed 1 year, 9 months ago

critical · retail · Jul 19, 2024

Delta Air Lines (CrowdStrike)

CrowdStrike outage grounded 5,000+ flights — $500M loss, customer data exposed during recovery

View incident → Original disclosure Indexed 1 year, 9 months ago

critical · retail · Jul 12, 2024

Rite Aid

2.2M customer records including purchase history and ID data stolen in ransomware attack

View incident → Original disclosure Indexed 1 year, 9 months ago

high · retail · Jul 10, 2024

Ulta Beauty

770K customer records exposed via credential stuffing on loyalty program — Ultamate Rewards

View incident → Original disclosure Indexed 1 year, 9 months ago

high · retail · Jul 10, 2024

The Heritage Foundation

72,004 records exposed — Email addresses, IP addresses, Names, Passwords and 1 more

View incident → Original disclosure Indexed 1 year, 9 months ago

high · retail · Jul 9, 2024

Neiman Marcus

31,152,842 records exposed — Dates of birth, Email addresses, IP addresses, Names and 4 more

View incident → Original disclosure Indexed 1 year, 9 months ago

medium · retail · Jul 3, 2024

AutoTrader (dealer breach)

28K customer records exposed

View incident → Original disclosure Indexed 1 year, 9 months ago

high · retail · Jul 1, 2024

Hudson's Bay Company (TheBay)

670K customer records compromised

View incident → Original disclosure Indexed 1 year, 10 months ago

high · retail · Jun 24, 2024

Advance Auto Parts

79,243,727 records exposed — Email addresses, Names, Phone numbers, Physical addresses

View incident → Original disclosure Indexed 1 year, 10 months ago

high · retail · Jun 19, 2024

Lithia Motors

110K customer records exposed in CDK Global breach

View incident → Original disclosure Indexed 1 year, 10 months ago

medium · retail · Jun 19, 2024

AutoNation

84K customer records exposed

View incident → Original disclosure Indexed 1 year, 10 months ago

medium · retail · Jun 19, 2024

Larry H. Miller Dealerships

48K customer records exposed

View incident → Original disclosure Indexed 1 year, 10 months ago

medium · retail · Jun 19, 2024

Asbury Automotive

62K customer records exposed

View incident → Original disclosure Indexed 1 year, 10 months ago

high · retail · Jun 19, 2024

Sonic Automotive

130K customer records exposed in CDK Global breach

View incident → Original disclosure Indexed 1 year, 10 months ago

medium · retail · Jun 19, 2024

Penske Automotive

95K customer records exposed in CDK Global breach

View incident → Original disclosure Indexed 1 year, 10 months ago

medium · retail · Jun 19, 2024

Group 1 Automotive

78K customer records exposed in CDK breach

View incident → Original disclosure Indexed 1 year, 10 months ago

medium · retail · Jun 19, 2024

Hendrick Automotive

54K customer records exposed in CDK breach

View incident → Original disclosure Indexed 1 year, 10 months ago

critical · retail · Jun 18, 2024

CDK Global (Auto Dealers)

15K+ car dealerships disrupted — BlackSuit ransomware shut down dealer management systems

View incident → Original disclosure Indexed 1 year, 10 months ago

high · retail · Jun 17, 2024

Zadig & Voltaire

586,895 records exposed — Email addresses, Genders, Names, Phone numbers and 1 more

View incident → Original disclosure Indexed 1 year, 10 months ago

high · retail · Jun 10, 2024

Macy's

890K customer records including payment data compromised

View incident → Original disclosure Indexed 1 year, 10 months ago

high · retail · Jun 10, 2024

Unilever

670K employee records exposed in targeted attack

View incident → Original disclosure Indexed 1 year, 10 months ago