Retail & E-Commerce Data Breaches — Customer & Payment Compromises

Retail & E-Commerce Data Breaches (599 indexed)

high · retail · Mar 29, 2024

England Cricket

43,299 records exposed — Email addresses, Passwords

View incident → Original disclosure Indexed 2 years, 1 month ago

high · retail · Mar 20, 2024

Forever 21 (2024)

539K current and former employee records exposed — SSNs, bank account details, health plan data

View incident → Original disclosure Indexed 2 years, 1 month ago

high · retail · Mar 18, 2024

Marriott International (2024)

380K guest reservation records exposed — fourth major breach in 6 years

View incident → Original disclosure Indexed 2 years, 1 month ago

high · retail · Mar 15, 2024

Giant Tiger Stores (Canada)

2.8M customer records exposed via compromised vendor — addresses and email addresses

View incident → Original disclosure Indexed 2 years, 1 month ago

critical · retail · Mar 13, 2024

ClickASnap

3,262,980 records exposed — Email addresses, Names, Passwords, Physical addresses and 3 more

View incident → Original disclosure Indexed 2 years, 1 month ago

critical · retail · Mar 10, 2024

Wayfair

1.3M customer records exposed in targeted attack

View incident → Original disclosure Indexed 2 years, 1 month ago

high · retail · Mar 10, 2024

Panda Express

190K employee records exposed in corporate breach

View incident → Original disclosure Indexed 2 years, 1 month ago

high · retail · Mar 5, 2024

Nestle (Switzerland)

890K employee and supply chain records compromised

View incident → Original disclosure Indexed 2 years, 1 month ago

high · retail · Mar 1, 2024

Giant Tiger (Canada)

2.8M customer records including email and physical addresses leaked on dark web

View incident → Original disclosure Indexed 2 years, 2 months ago

high · retail · Feb 22, 2024

Facebook Marketplace

77,267 records exposed — Email addresses, Geographic locations, Names, Passwords and 2 more

View incident → Original disclosure Indexed 2 years, 2 months ago

high · retail · Feb 15, 2024

Dollarama

890K customer records exposed in POS malware attack

View incident → Original disclosure Indexed 2 years, 2 months ago

high · retail · Feb 14, 2024

PetSmart / Chewy (Customer Data)

1.8M pet owner records exposed — grooming appointments, vet records, and delivery addresses

View incident → Original disclosure Indexed 2 years, 2 months ago

critical · retail · Feb 10, 2024

Woolworths Group

1.6M customer records exposed via MyDeal platform

View incident → Original disclosure Indexed 2 years, 2 months ago

medium · retail · Feb 8, 2024

Wayfair Home Goods

870K customer records exposed via credential stuffing — delivery addresses and order data

View incident → Original disclosure Indexed 2 years, 2 months ago

high · retail · Feb 8, 2024

Indigo Books & Music

Employee data stolen in LockBit ransomware attack — SINs, direct deposit info exposed

View incident → Original disclosure Indexed 2 years, 2 months ago

high · retail · Jan 21, 2024

Subway Restaurants

LockBit ransomware claimed breach — employee records and franchise financial data stolen

View incident → Original disclosure Indexed 2 years, 3 months ago

medium · retail · Jan 18, 2024

Michaels Craft Stores

330K customer records including custom framing orders with home addresses exposed

View incident → Original disclosure Indexed 2 years, 3 months ago

high · retail · Jan 16, 2024

Jason's Deli

345K customer records compromised in credential stuffing

View incident → Original disclosure Indexed 2 years, 3 months ago

medium · retail · Jan 12, 2024

Sam's Club

90K customer records exposed in credential stuffing

View incident → Original disclosure Indexed 2 years, 3 months ago

critical · retail · Jan 12, 2024

Hathway

4,670,080 records exposed — Device information, Email addresses, IP addresses, Names and 5 more

View incident → Original disclosure Indexed 2 years, 3 months ago

high · retail · Jan 10, 2024

LCBO (Ontario)

Customer credit card data skimmed via Magecart web injection on provincial liquor retailer

View incident → Original disclosure Indexed 2 years, 3 months ago

critical · retail · Jan 4, 2024

Legendas.TV

3,869,181 records exposed — Email addresses, IP addresses, Names, Passwords and 1 more

View incident → Original disclosure Indexed 2 years, 3 months ago

critical · retail · Dec 13, 2023

VF Corporation (North Face, Vans, Timberland)

35.5M customer records stolen in ALPHV ransomware attack — order history and addresses

View incident → Original disclosure Indexed 2 years, 4 months ago

critical · retail · Dec 13, 2023

VF Corporation (North Face, Vans, Supreme)

35.5M customer records stolen in ALPHV ransomware

View incident → Original disclosure Indexed 2 years, 4 months ago