
Zara data breach exposed personal information of 197,000 people

Why This Matters

The Zara data breach highlights the ongoing vulnerabilities in the retail sector, especially when third-party providers are involved, emphasizing the need for robust cybersecurity measures. For consumers, it underscores the importance of monitoring personal information even when sensitive data like payment details remain secure. This incident serves as a reminder for companies to strengthen their data protection strategies to maintain trust and prevent future breaches.

Key Takeaways

Hackers who gained access to the databases of Spanish fast-fashion retailer Zara stole data belonging to more than 197,000 customers, according to data breach notification service Have I Been Pwned.

Zara has over 1,500 company-managed and franchised stores worldwide and is the flagship brand of the Inditex Group, one of the world's largest fashion distribution groups, which also owns Bershka, Zara Home, Oysho, Pull&Bear, Massimo Dutti, Stradivarius, and Uterqüe.

As Inditex stated last month, when the data breach was widely reported, the compromised databases were hosted by a former tech provider and contained information about business relationships with customers in different markets.

However, Inditex noted that the attackers didn't gain access to affected customers' names, phone numbers, addresses, credentials, or payment information (such as bank cards).

It also added that its operations and systems were unaffected, but it has yet to attribute the breach to a specific threat actor or share the name of the hacked provider.

"Inditex has immediately applied its security protocols and has started notifying the relevant authorities of this unauthorized access, that stems from a security incident that affected a former technology provider and has impacted several companies operating internationally," Inditex said.

While Inditex and Zara have yet to disclose more details regarding the incident, including the total number of affected individuals, the ShinyHunters extortion gang has since claimed responsibility for the breach and leaked a 140GB archive containing documents allegedly stolen from BigQuery instances using compromised Anodot authentication tokens.

Zara entry on ShinyHunters' data leak site (BleepingComputer)

Have I Been Pwned analyzed the stolen data and said today that the resulting data breach exposed the data of 197,400 people, including unique email addresses, geographic locations, purchases, and support tickets. "The data contained 197k unique email addresses alongside product SKUs, order IDs and the market the support ticket originated in," Have I Been Pwned said.

Previously, the cybercrime gang told BleepingComputer that they had stolen data from dozens of companies using Anodot authentication tokens, adding that they were blocked by AI-based detection when trying to steal data from Salesforce instances.
