French retailer Auchan was the victim of a cyberattack that resulted in a significant data breach affecting hundreds of thousands of customers. The attackers successfully accessed and stole personal information associated with customer loyalty accounts. The compromised data includes customer titles, full names, email and postal addresses, phone numbers, and loyalty card numbers. However, the company confirmed that more sensitive information, such as banking details, passwords, and PINs, was not exposed during the incident. In response, Auchan has notified the impacted individuals and the French data protection authority, CNIL. As a security measure, the retailer deactivated the affected loyalty cards, requiring customers to obtain new ones in-store. This data leak exposes customers to increased risks of phishing, identity spoofing, and illegal commercial targeting. Auchan has advised its customers to remain vigilant against suspicious emails, SMS, or phone calls. Reports suggest the attack originated via a partner's system, marking the second disclosed breach for the company in a year.
TPRM report: https://www.rankiteo.com/company/auchan
{
  "id": "auc1053090225",
  "linkid": "auchan",
  "type": "Breach",
  "date": "11/2024",
  "severity": "85",
  "impact": "4",
  "explanation": "Attack with significant impact with customers data leaks"
}
{'affected_entities': [{'customers_affected': 'hundreds of thousands',
                        'industry': 'Retail',
                        'location': 'France',
                        'name': 'Auchan',
                        'type': 'Retailer'}],
 'attack_vector': 'Third-party partner compromise',
 'customer_advisories': 'Customers were notified directly about the breach and '
                        'advised to be alert for phishing attempts and to get '
                        'new loyalty cards in-store.',
 'data_breach': {'data_exfiltration': 'Yes',
                 'number_of_records_exposed': 'hundreds of thousands',
                 'personally_identifiable_information': ['Title',
                                                         'Surname',
                                                         'First name',
                                                         'Address',
                                                         'Telephone number',
                                                         'Email address',
                                                         'Loyalty card number'],
                 'sensitivity_of_data': 'Medium',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)']},
 'date_publicly_disclosed': '2025-08-26',
 'description': 'French retailer Auchan suffered a data breach impacting '
                'hundreds of thousands of customers, with personal information '
                'linked to their loyalty cards stolen. The breach exposed '
                'names, addresses, emails, phone numbers, and loyalty-card '
                'details. Banking data, passwords, and PINs were not '
                'compromised. The company notified affected customers and the '
                'French data protection authority (CNIL).',
 'impact': {'brand_reputation_impact': 'Negative impact due to being the '
                                       'second disclosed data breach in a '
                                       'year, raising doubts about the '
                                       'security of its systems.',
            'data_compromised': 'Personal data associated with loyalty '
                                'accounts, including title, surname, first '
                                'name, address, telephone number, email '
                                'address, and loyalty card number.',
            'identity_theft_risk': 'Increased risk for customers of being '
                                   'targeted by spoofing, phishing, and '
                                   'illegal commercial targeting.',
            'operational_impact': 'The company deactivated the cards of '
                                  'impacted individuals, requiring them to '
                                  'visit stores to get new cards and restore '
                                  'their savings.',
            'payment_information_risk': 'No payment information was '
                                        'compromised. Bank details, passwords, '
                                        'and PINs were reported as safe.',
            'systems_affected': ['Loyalty account system',
                                 'Peripheral systems']},
 'initial_access_broker': {'entry_point': 'via a partner'},
 'investigation_status': 'Details on the intrusion remain undisclosed.',
 'lessons_learned': 'The incident highlights the security sensitivity of '
                    "'peripheral' systems like loyalty programs and the risks "
                    'associated with third-party partners.',
 'post_incident_analysis': {'corrective_actions': ['Reinforce the protection '
                                                   'of information systems',
                                                   'Deactivated impacted '
                                                   'loyalty cards',
                                                   'Required customers to get '
                                                   'new cards in-store'],
                            'root_causes': 'The attack originated from a '
                                           'compromise at a partner company.'},
 'recommendations': 'Customers are advised to be vigilant against phishing '
                    'attempts via email, SMS, or phone. They should not click '
                    'on suspicious links, call listed numbers, or trust the '
                    'content of unsolicited messages. If in doubt, report '
                    'incidents to www.cybermalveillance.gouv.fr.',
 'references': [{'source': 'SecurityAffairs'},
                {'source': 'ransomNews',
                 'url': 'https://twitter.com/ransomnews/status/o8cGZoQSqo'},
                {'source': 'Zataz'}],
 'regulatory_compliance': {'regulations_violated': 'GDPR (implied by '
                                                   'notification to CNIL)',
                           'regulatory_notifications': 'Notified the National '
                                                       'Commission for '
                                                       'Information Technology '
                                                       'and Liberties (CNIL).'},
 'response': {'communication_strategy': 'Notified impacted customers directly '
                                        'via a data breach notification and '
                                        'issued public advisories to be '
                                        'vigilant against phishing.',
              'containment_measures': ['Immediate measures to stop the attack',
                                       'Deactivated the loyalty cards of '
                                       'impacted individuals'],
              'incident_response_plan_activated': 'Yes',
              'remediation_measures': ['Reinforced the protection of '
                                       'information systems',
                                       'Issued new loyalty cards to affected '
                                       'customers in-store']},
 'stakeholder_advisories': 'Internal communications were issued to reassure '
                           'stakeholders that no banking data was affected.',
 'title': 'Auchan discloses data breach: data of hundreds of thousands of '
          'customers exposed',
 'type': 'Data Breach'}