French retailer Auchan is informing that some delicate knowledge related to loyalty accounts of a number of hundred thousand of its prospects was uncovered in a cyberattack.
The corporate is sending knowledge breach notifications to prospects affected by the incident.
“We’re writing to tell you that Auchan has been the sufferer of a cyberattack. This assault resulted in unauthorized entry to sure private knowledge related along with your loyalty account,” reads the retailer’s notification.
In keeping with the pattern of the discover, the info uncovered within the assault consists of full names, title and shopper standing, postal handle, electronic mail handle, telephone quantity, and loyalty card quantity.
The retailer underlines that financial institution knowledge, passwords, and PIN numbers haven’t been impacted.
Supply: Zataz
In an announcement for French media, an organization consultant mentioned that knowledge belonging to “a number of hundred thousand” of its prospects was uncovered containing the incident.
Auchan is a French multinational retail group working over 2,100 branches throughout 13 international locations in Europe and Africa. The chain employs 154,000 folks and has an annual income of over $35 billion.
The corporate mentioned it has notified the French Information Safety Authority (CNIL) in regards to the knowledge breach.
Within the meantime, Auchan advises letter recipients to stay vigilant for potential phishing assaults leveraging the stolen data.
“We remind you that Auchan won’t ever ask you (whether or not by electronic mail, SMS, or telephone) on your login particulars, passwords, or loyalty card PIN code,” warned Auchan.
“In the event you obtain such a message, don’t click on on any hyperlink, don’t name the indicated quantity, and ignore the knowledge it comprises, as it’s probably a phishing try.”
BleepingComputer contacted Auchan a number of days in the past to request extra details about the assault, however the firm has not supplied a reply.
The info breach at Auchan comes shortly after related disclosures made by different massive entities in France, together with Air France and KLM, Orange, and Bouygues Telecom, a few of which had been linked to ShinyHunters’ assaults on Salesforce.
At the moment, there is not any proof linking these assaults or suggesting a coordinated marketing campaign focusing on massive companies within the nation.
46% of environments had passwords cracked, practically doubling from 25% final 12 months.
Get the Picus Blue Report 2025 now for a complete take a look at extra findings on prevention, detection, and knowledge exfiltration developments.
