Aditya Birla Fashion Retail Ltd. (ABFRL) suffered a major data breach on its portal. A hacker group called ShinyHunters has allegedly made 700 GB of ABFRL’s customer data public, including 5.4 million emails and phone numbers.
ABFRL is one of the leading fashion conglomerates in the country with a presence in over 3000 stores and 26000 multi-brand outlets. Some of its leading retail formats include Pantaloons and Jaypore.com. Besides, it retails brands including Louis Philippe, Van Heusen, Allen Solly and Peter England.
In this case, a user called ‘ShinyHunter’ made a post on RaidForums claiming to have ABFRL users data that it offered for sale. RaidForums is a database company that gathers data from breaches and leaks, as well as an active marketplace for selling these leaks. It has a total of 445000 users dedicated to hacking, database leaks and tech.
“We tried to get in touch with ABFRL. They sent a negotiator but he was just stalling. So we decided to leak everything for you guys including their famous divisions such as Pantaloons.com or Jaypore.com,” said the user in a forum post.
ShinyHunters is a criminal black-hat hacking group that has been involved in many data breaches since it began its operations with the Tokopedia Hack in 2020.
The group’s usual modus operandi involves leaking a small amount of data from a breach that allows others to verify that a breach has indeed occurred before selling off the rest of the data on the dark web. But this time, the group has decided to release all the data for free on RaidForums.
“This time, they have made all the data available for free. I have confirmed the same in my correspondence with them,” said Rajshekhar Rajaharia to Inc42. He had initially brought up the issue in a tweet he posted earlier. ABFRL and ShinyHunters have yet to share comments on the matter.