DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Major Indian fashion retailer hacked and data leaked

Posted on January 11, 2022 by Dissent

Another major Indian firm has fallen prey to a massive cyberattack. This time, the victim is a Fortune India 500 List company: Mumbai-headquartered Aditya Birla Group (ABG). The conglomerate includes Aditya Birla Fashion and Retail Ltd. (ABFRL) as well as businesses in other sectors. ABFRL, formed after the merger of Madura Fashion & Lifestyle and Pantaloons, describes itself as “India’s first billion-dollar pure-play fashion powerhouse with an elegant bouquet of leading fashion brands and retail formats.”

In a corporate presentation published in July, 2021, ABG claimed to be a US$ 45-billion conglomerate that has 130 manufacturing units globally, and 140,000+ employees of 100 nationalities in 36 countries.

ABG Sector Ranks in India
Image: ABG

In early December, DataBreaches.net was contacted by ShinyHunters, who alerted this site to the attack which was then still in progress.  The firm had detected them early, ShinyHunters told this site, but the threat actors still had access.

Even as of today, ShinyHunters claims to still have access.

As a sample of the types of information the threat actors acquired already, this site was shown headers from one of the employee-related databases:

PoornataID,HRStatus,PositionNumber,PositionTitle,HireDate,NameDisplay,NamePrefix,FirstName,MiddleName,LastName,BirthDate,BirthCountry,MaritialStatus,Gender,City,State,Postal,Emailid,ABGExperience,Age,Company,Business,BusinessUnit,Department,Location,JobBand,Designation,ReportsTo,SupervisorId,FunctionCd,FunctionDescription,SubFunction,SalaryGrade,HolidaySchedule,ManagerId,ManagerName,ManagerDesignation,ConfirmationDate,CostCentre,Religion,LastPromotionDate,Phone,Extension,Cadre,ManagerEmailId

Not all the fields reportedly had actual data, but ShinyHunters claimed to have sensitive data on both customers and employees and showed a small sample of both to DataBreaches.net.

DataBreaches.net reached out to ABG via email to ask their response to the claims and incident, and to ask whether they were going to notify employees and customers. Despite such inquiries sent to multiple email ABG addresses and personnel on December 3, December 4, December 10, and January 10, no replies were received.

DataBreaches.net has found no notice on their site or press release.

Today,  ShinyHunters notified DataBreaches.net that after more failed negotiations between ShinyHunters and ABG or their representative —  negotiations that ShinyHunters described to this site as a stalling tactic — ShinyHunters was leaking the data on a popular forum where data are shared or sold:

So we decided to leak everything for you guys including their famous divisions such as Pantaloons.com (https://facebook.com/pantaloons) or Jaypore.com (https://facebook.com/jaypore).

Within an hour or so, the hosting site removed the dump for violations of TOS. The data are reportedly in the process of being reuploaded to another site.

Credit Card Data, Too?

ShinyHunters informed this site that although they acquired customers’ credit card data with expiration date and CVV — and that ABFRL Pantaloons knows that ShinyHunters is in possession of such data, the firm has allegedly not informed customers about the breach of card data. If they have notified employees and customers privately of the data breach and exfiltration of data, DataBreaches.net has seen no proof of that as yet.

If any reader is a Pantaloons customer or employee who has been informed of the breach, please contact this site with details of how you were informed and what you were told. Thank you. 

Related posts:

  • 1,355 Indian websites Hacked by hax.r00t n saadi Pakistani hackers
  • Forbes Breach Email Statistics
  • TeamGhostShell posts “master list” of 548 leaks (so far)
  • A guilty plea in the PowerSchool case still leaves unanswered questions
Category: Breach IncidentsBusiness SectorHackMalwareNon-U.S.

Post navigation

← A Missouri Reporter Is (Still) Getting Blamed For the Security Flaw He Exposed
Ph: Court records stolen →

2 thoughts on “Major Indian fashion retailer hacked and data leaked”

  1. Vladimir says:
    January 18, 2022 at 6:44 pm

    This was their email :

    We hope you are staying safe.
    We would like to inform you that there has been an information security incident that entailed illegal and unauthorized access to a part of our customer database. Earlier this week, we discovered that profile information of some of our customers has been released in some cyber forums.
    We are completely cognizant, that this would be of great concern to you. As a precautionary measure, we have reset passwords of all customers, enabled OTP based authentication, and taken further steps to secure access to customer information. In case you have been using common passwords on other sites, we request you to change the same, as a matter of abundant precaution. We would like to assure you that besides some details which are part of your profile, no financially sensitive information pertaining to your payment modalities or instruments, has been compromised as a result of this unscrupulous intrusion of our database.
    We have immediately intimated relevant cyber authorities and are taking necessary steps to bring the culprits to book. We have also engaged leading forensic security experts to carry out an investigation. While we have a robust security architecture, we will further reinforce our security protocols.
    We regret the inconvenience caused. Thank you for your patronage and your continued trust in our brands. We are committed to ensuring a safe online shopping experience for you.
    Aditya Birla Fashion and Retail Ltd

    1. Dissent says:
      January 19, 2022 at 7:51 am

      ShinyHunters continues to assert that they still have access and that the retailer doesn’t seem to have figured out how.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.