Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label customer data leak. Show all posts
Personal Information
customer data compromise customer data leak customer data privacy Data Breach Data Leak Data Privacy data security Database Leaked Fashion Retailer Personal Information

SABO Fashion Brand Exposes 3.5 Million Customer Records in Major Data Leak

 

Australian fashion retailer SABO recently faced a significant data breach that exposed sensitive personal information of millions of customers. The incident came to light when cybersecurity researcher Jeremiah Fowler discovered an unsecured database containing over 3.5 million PDF documents, totaling 292 GB in size. The database, which had no password protection or encryption, was publicly accessible online to anyone who knew where to look. 

The leaked records included a vast amount of personally identifiable information (PII), such as names, physical addresses, phone numbers, email addresses, and other order-related data of both retail and business clients. According to Fowler, the actual number of affected individuals could be substantially higher than the number of files. He observed that a single PDF file sometimes contained details from up to 50 separate orders, suggesting that the total number of exposed customer profiles might exceed 3.5 million. 

The information was derived from SABO’s internal document management system used for handling sales, returns, and shipping data—both within Australia and internationally. The files dated back to 2015 and stretched through to 2025, indicating a mix of outdated and still-relevant information that could pose risks if misused. Upon discovering the open database, Fowler immediately notified the company. SABO responded by securing the exposed data within a few hours. 

However, the brand did not reply to the researcher’s inquiries, leaving critical questions unanswered—such as how long the data remained vulnerable, who was responsible for managing the server, and whether malicious actors accessed the database before it was locked. SABO, known for its stylish collections of clothing, swimwear, footwear, and formalwear, operates three physical stores in Australia and also ships products globally through its online platform. 

In 2024, the brand reported annual revenue of approximately $18 million, underscoring its scale and reach in the retail space. While SABO has taken action to secure the exposed data, the breach underscores ongoing challenges in cybersecurity, especially among mid-sized e-commerce businesses. Data left unprotected on the internet can be quickly exploited, and even short windows of exposure can have lasting consequences for customers. 

The lack of transparency following the discovery only adds to growing concerns about how companies handle consumer data and whether they are adequately prepared to respond to digital threats.
Read more »
Qantas hack
airline cybersecurity Australian cyberattack customer data leak Data Breach data protection Australia Qantas data breach Qantas hack

Qantas Confirms Massive Cyberattack Exposing Data of Over 5.7 Million Customers

 

Australia’s Qantas Airways announced on Wednesday, July 9, 2025, that a large-scale cyberattack has compromised the personal data of millions of its customers, marking one of the nation’s most severe security breaches in recent memory.

According to the airline, over one million customers had highly sensitive details accessed, including phone numbers, dates of birth, and residential addresses. Additionally, the breach impacted another four million customers whose names and email addresses were taken during the intrusion.

Qantas initially reported the incident last week but has now provided further clarity on the scale of the compromise. After carefully removing duplicate records from the initial estimate of six million, the company determined that the database contained unique personal information belonging to approximately 5.7 million individuals.

Despite the scope of the attack, Qantas said there is currently no evidence suggesting that any of the stolen data has been published or misused. The company emphasized that it has been actively monitoring the situation to detect any suspicious activity or unauthorized attempts to disseminate the compromised information.

In response to the breach, the airline has significantly strengthened its cyber security protocols to protect customer data from further exposure. “Since the incident, we have put in place a number of additional cyber security measures to further protect our customers’ data, and are continuing to review what happened,” Qantas Group CEO Vanessa Hudson said in a statement.

The hack has renewed concerns about the resilience of Australia’s critical infrastructure and large corporate networks, coming just a few years after the country grappled with major cyberattacks on telecommunications provider Optus and health insurer Medibank in 2022. Those incidents prompted the government to implement mandatory cyber resilience laws and stricter reporting requirements for serious breaches.

Cybersecurity analysts have warned that companies holding large volumes of consumer data have become prime targets for sophisticated criminal networks and state-sponsored attackers. The Qantas breach underscores the persistent threats facing organizations across all sectors, particularly airlines and travel companies that process vast amounts of personal and financial information.

Qantas has urged customers to remain vigilant against potential phishing scams or suspicious communications that could emerge as a result of the incident. The airline said it is cooperating closely with cybercrime authorities and regulators to investigate the breach and mitigate any further risks.

The company also encouraged affected customers to update their passwords and enable multi-factor authentication wherever possible to enhance their account security.
Read more »
Subscribe to: Posts (Atom)