Several prominent French retailers, including Boulanger and Cultura, have confirmed that a cyberattack last week resulted in the theft of customer data. This breach, impacting millions of people, highlights the increasing threat posed by cybercriminals targeting retail brands.
Boulanger Confirms Breach, No Banking Data Compromised
Boulanger, a well-known electronics and home appliances retailer, revealed in a statement on Sunday that hackers gained access to customer delivery information. Fortunately, the company confirmed that no banking data was exposed.
The breach, which was swiftly contained, prompted Boulanger to notify all affected customers. The company reassured the public that its websites and mobile applications were operating securely, with enhanced vigilance to prevent future attacks.
The hacker responsible for the breach, known as “horrormar44,” took to the dark web to claim responsibility for the attack on Boulanger. The hacker reportedly stole personal data, including names, addresses, phone numbers, emails, and other customer-related information. A sample of the stolen data was published on BreachForums, a notorious site for leaking stolen information.
The record from the leaked database showed that 27,561,592 customers were affected, with a range of sensitive details exposed, including delivery instructions and customer service notes. While no ransom demand has been reported, the extent of the data compromised is still under investigation.
Cultura and Other Brands Affected
Cultura, a major French retailer specializing in books, art supplies, and electronics, also confirmed that it was a victim of the cyberattack. The breach affected 1.5 million customers, with personal information such as names, phone numbers, email and postal addresses, and order details stolen.
The intrusion into Cultura’s system was linked to an external IT service provider that was targeted by the hackers. However, like Boulanger, the company confirmed that no passwords or banking information were compromised. Cultura took swift action to address the vulnerability and has since implemented corrective measures. The company has filed a formal complaint with local authorities, and investigations are ongoing.
Local media also reported that other French brands, including Truffaut, a retailer specializing in gardening and home decor, and Pepe Jeans, a clothing brand, may have been affected by the same attack. According to reports, the data published by “horrormar44” originated from a subcontractor responsible for delivery services, suggesting that the breach affected several companies sharing the same third-party service provider.
The Dark Web and Rising Threat of Retail Cyberattacks
The stolen data, including customer details from Boulanger and Cultura, was made available on the dark web, where cybercriminals often sell or trade sensitive information. This breach once again emphasizes the critical importance of securing customer data, especially when subcontractors or third-party providers are involved.
Hackers targeting retail companies is part of a larger trend of cybercriminals exploiting vulnerabilities in IT infrastructure to steal personal data. These attacks can have long-term consequences for customers, including identity theft and fraud.
Conclusion
As French retailers like Boulanger and Cultura continue to investigate the scope of the attack, the breach highlights the need for enhanced cybersecurity measures across the retail industry. Companies must work closely with IT providers and law enforcement to prevent future incidents and protect their customers’ sensitive information. For now, Boulanger, Cultura, and other affected brands are taking steps to mitigate the damage and reassure their customers that their operations are secure.
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
