Auchan, Gloria Jeans and Tvoi Dom customer data leaked

Merged client databases of Auchan, Tvoi Dom and Gloria Jeans stores appeared on the network. About it writes Kommersant, citing researchers from the DLBI data leak intelligence and darknet monitoring service.

The Auchan database contains 7.8 million rows, including 7.7 million unique phone numbers and 4.7 million unique email addresses. The clipping contains data from April 13, 2020 to May 18, 2023. The Auchan security service is checking and establishing an attack vector, Kommersant was told.

The data of the trading network “Your House” contains 713,365 lines with the name and surname of buyers, 618,300 unique phone numbers and 389,500 unique e-mail addresses. Crocus Group (Your Home) did not respond to Kommersant’s request.

Gloria Jeans customer data uploaded contains 3.16 million unique email addresses and 2.36 million unique phone numbers. “Gloria Jeans checks whether the data belongs to buyers,” writes Kommersant.

DLBI believes that the leak occurred through the 1C-Bitrix database management system. Malefactors could get access to a copy of the server or directly to the server.

According to the DLBI, on June 7 “plum” have undergone two more companies Askona and Book24. SQL dumps were uploaded from the same 1C-Bitrix system. User database Askona has 1.9 million lines, while Book24 has 4 million lines.

DLBI says the databases were published by the same hacker who had previously gained access to data from the SberSpasibo bonus program, the SberPravo online legal aid platform, SberLogistics (Shiptor service) and the GeekBrains educational portal.

The hacker promised to “merge” 12 large Russian companies. The DLBI estimates that there are still seven left.