A recent data breach has raised concerns for global sporting goods retailer, Decathlon, as a hacker exposed records of nearly 8,000 employees and customers worldwide.
A recent data breach has raised concerns for global sporting goods retailer, Decathlon, as a hacker exposed records of nearly 8,000 employees and customers worldwide. The breach, discovered by vpnMentor’s research team, unfolded through an online forum post on September 7, 2023.
Details of the Breach:
The forum user published a 61-MB database allegedly linked to Decathlon, containing a wealth of personally identifiable information (PII) of around 8,000 Decathlon employees. This information included full names, usernames, phone numbers, email addresses, countries and cities of residence, authentication tokens, and even photographs.
Immediate Response and Confirmation:
In response, vpnMentor swiftly engaged with both Bluenove and Decathlon to report the discovery of the leaked data. Bluenove, a tech and consulting company, acknowledged the existence of copies of the database circulating on darknet forums.
Upon closer examination, vpnMentor’s research team verified that the stolen information aligned with the Decathlon employee data leak reported in 2021, confirming the authenticity of the recently shared database.
Breach Background:
The initial breach in 2021 was attributed to Bluenove, which specializes in “massive collective intelligence” and collaborated with Decathlon for the Vision 2030 campaign.
Information collected from employees and customers was inadvertently stored in a misconfigured Amazon Web Services (AWS) S3 bucket. Though vpnMentor identified the leak on March 9, 2021, and promptly notified Bluenove and AWS, at least one attacker managed to access the data before the breach was secured.
No Negligence on Decathlon’s Part:
Neither the original 2021 breach nor this recent exposure stemmed from a lapse or negligence on Decathlon’s part. The responsibility for securing the information gathered from stakeholders lay with the third-party company, Bluenove. Decathlon had no means to ascertain if outside actors obtained the data.
Potential Implications and Cybersecurity Measures:
With the leaked data identifying Decathlon employees, there’s a heightened risk of sophisticated phishing campaigns targeting them for further sensitive information. This necessitates robust cybersecurity practices, including strict access controls, employee education, and regular updates to third-party security software and cloud encryption.
The Significance of Clearweb Leaks:
Hackers utilize various online forums, including clearweb forums, to share and discuss data breaches. Unlike darknets, these open platforms don’t require technical expertise to navigate, making them a preferred channel for cybercriminals. However, this also accelerates the dissemination of stolen information, putting more individuals at risk of exposure.
Action Steps for Potentially Affected Individuals:
Decathlon employees from March to November 2020 are advised to contact the company regarding measures taken to secure their data. A thorough review of online and financial accounts for suspicious activity is recommended. Any anomalies should be addressed promptly, including changing email login credentials.
As data breaches continue to evolve, companies must prioritize robust cybersecurity practices. These incidents underscore the urgency of vigilance and proactive measures in safeguarding sensitive information. The recurrence of the breach from 2021 to 2023 highlights the ongoing threat of cybercrimes against those whose data was compromised.
Originally published at vpnMentor