Aditya Birla Fashion and Retail (ABFRL) Sites Still Vulnerable, Hacker Claims; Company Says 'Access Secured'

The data from ABFRL was allegedly leaked online earlier this month.

By Jagmeet Singh | Updated: 18 January 2022 20:10 IST
Highlights
  • Aditya Birla Fashion and Retail data of 700GB was allegedly leaked
  • ShinyHunters claimed that it still had hidden access to ABFRL data
  • ABFRL sent an email to customers to inform them about the incident

Aditya Birla Fashion and Retail is claimed to have its operations in over 36 countries around the globe

Aditya Birla Fashion and Retail (ABFRL) websites are still vulnerable and not safe for customers, the hacker group that allegedly leaked the company's data has claimed in a conversation with Gadgets 360. The data that appeared online was 700GB in size and included over 5.4 million email addresses of customers and employees that had allegedly been scraped from the platform of the fashion retail giant, according to researchers. The company, however, said that its access to customers and employee information is secured. It also sent an email to customers to inform them about the incident and reset their passwords as a “pro-active” measure.

Hacker group ShinyHunters told Gadgets 360 that the sites owned by Aditya Birla Fashion and Retail (ABFRL) are still vulnerable. “It would be safer not to buy on ABFRL, Jaypore, Pantaloons, and others,” it alleged.

The hacker group also claimed that it still had hidden access to ABFRL data. Gadgets 360 was not able to independently verify the claims made by the hacker group. When asked, ABFRL said that its access to customers and employee information is secured.

“ABFRL is investigating an information security incident that entailed unauthorised access to its e-commerce database,” an ABFRL spokesperson said in a statement emailed to Gadgets 360. “The company has engaged forensic security experts to carry out an investigation. It has also intimated relevant authorities and is taking necessary steps to bring the culprits to book. There has been no operational or business impact.”

“As a pro-active measure, the company has reset passwords of all customers and enabled OTP based authentication and taken further steps to secure access to customer and employee information,” the spokesperson said.

ABFRL on Tuesday also sent an email to its customers to inform them about the “illegal and unauthorised access to a part” of its customer database.

“Earlier this week, we discovered that profile information of some of our customers has been released in some cyber forums. We are completely cognizant that this would be of great concern to you,” the Mumbai-based company said in the email.

The company also noted that it reset passwords of all its customers as a “precautionary measure” and enabled one-time password (OTP) based authentication. It also claimed that further steps have been taken to secure access to customer information.

“In case you have been using common passwords on other sites, we request you to change the same, as a matter of abundant precaution. We would like to assure you that besides some details which are part of your profile, no financially sensitive information pertaining to your payment modalities or instruments, has been compromised as a result of this unscrupulous intrusion of our database,” the company said.

ABFRL also said that it immediately intimated relevant cyber authorities and was taking necessary steps “to bring the culprits to book.”

“We have also engaged leading forensic security experts to carry out an investigation. While we have a robust security architecture, we will further reinforce our security protocols,” the company said.

The alleged data leak was brought to notice by data breach tracking website Have I Been Pwned on Saturday. It reported that as many as 5,470,063 accounts of the company were breached and ransomed in December last year.

RestorePrivacy reported that the leaked data included ABFRL employee data like full name, email, birth date, physical address, gender, age, marital status, salary, and religion as well as hundreds of thousands of invoices and the website source code of the company and server reports. Further, the hacker group is claimed to have access to credit card details of ABFRL customers.

Cybersecurity researcher Rajshekhar Rajaharia told Gadgets 360 that ShinyHunters could be considered a "trusted" hacker group, and if it is claiming that the data is still in its access, we could believe it.

“ABFRL should take the claims made by the hacker group seriously and do a thorough investigation on how the breach happened,” he said. “The company should also get their logs checked as the group is claiming to have accessed its financial data as well.”

Rajaharia also noted that the hacker group was claiming that ABFRL was storing its passwords using message-digest algorithm 5 (MD5), which is a dated algorithm.

“The company should constantly update its algorithms as otherwise the affected users would not be able to secure their data even after changing their passwords. The hacker group would easily be able to gain user data access again by exploiting the vulnerabilities of the dated hashing algorithm,” the researcher said.

ABFRL is claimed to have over 140,000 employees and operations spanning 36 countries across the globe, as per the details available on its website. The group owns a list of lifestyle brands including Louis Philippe, Van Heusen, Allen Solly, and Simon Carter. It also has fashion divisions, including Pantaloons, that are known among customers.

You can read the email sent to the affected customers and statement sent to Gadgets 360 in their entirety below.

Email:

Dear [User],

We hope you are staying safe.

We would like to inform you that there has been an information security incident that entailed illegal and unauthorized access to a part of our customer database. Earlier this week, we discovered that profile information of some of our customers has been released in some cyber forums.

We are completely cognizant, that this would be of great concern to you. As a precautionary measure, we have reset passwords of all customers, enabled OTP based authentication, and taken further steps to secure access to customer information. In case you have been using common passwords on other sites, we request you to change the same, as a matter of abundant precaution. We would like to assure you that besides some details which are part of your profile, no financially sensitive information pertaining to your payment modalities or instruments, has been compromised as a result of this unscrupulous intrusion of our database.

We have immediately intimated relevant cyber authorities and are taking necessary steps to bring the culprits to book. We have also engaged leading forensic security experts to carry out an investigation. While we have a robust security architecture, we will further reinforce our security protocols.

We regret the inconvenience caused. Thank you for your patronage and your continued trust in our brands. We are committed to ensuring a safe online shopping experience for you.

Aditya Birla Fashion and Retail Ltd
(https://www.abfrl.com/)

Statement: ABFRL is investigating an information security incident that entailed unauthorised access to its e-commerce database. The company has engaged forensic security experts to carry out an investigation. It has also intimated relevant authorities and is taking necessary steps to bring the culprits to book. There has been no operational or business impact. As a pro-active measure, the company has reset passwords of all customers and enabled OTP based authentication and taken further steps to secure access to customer and employee information.

