SABO

SABO, an Australian fashion brand, experienced a significant data leak when an unencrypted, non-password-protected database containing names, physical addresses, email addresses, phone numbers, and other personally identifiable information (PII) of at least 3.5 million customers was exposed online. The 292 GB archive included 3,587,960 .PDF documents generated via an internal document management storage system designed to track sales, returns, and shipping documents. The information spanned from 2015 to 2025, indicating both outdated and highly relevant data. The database was secured within hours after being reported by a security researcher, but it is unclear how long it was exposed or if the data was exfiltrated.

Source: https://www.techradar.com/pro/security/huge-data-breach-at-australian-fashion-giant-3-5-million-users-at-risk-heres-what-we-know-so-far

TPRM report: https://www.rankiteo.com/company/sabo-skirt

"id": "sab944072325",
"linkid": "sabo-skirt",
"type": "Breach",
"date": "6/2015",
"severity": "85",
"impact": "",
"explanation": "Attack with significant impact with customers data leaks: Attack which causes leak of personal information of customers ( only if no ransomware )"

{'affected_entities': [{'customers_affected': '3.5 million or potentially more',
                        'industry': 'Retail',
                        'location': 'Australia',
                        'name': 'SABO',
                        'size': '3 stores in Australia with worldwide '
                                'shipments',
                        'type': 'Fashion Brand'}],
 'attack_vector': 'Unsecured Database',
 'data_breach': {'data_encryption': 'No',
                 'file_types_exposed': ['PDF'],
                 'number_of_records_exposed': '3,587,960 PDF documents',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['names',
                                              'physical addresses',
                                              'email addresses',
                                              'phone numbers',
                                              'other personally identifiable '
                                              'information (PII)']},
 'description': 'Australian fashion brand SABO leaked sensitive data on '
                'millions of its customers by keeping an unencrypted, '
                'non-password-protected database on the internet, available to '
                'anyone who knew where to look.',
 'impact': {'data_compromised': ['names',
                                 'physical addresses',
                                 'email addresses',
                                 'phone numbers',
                                 'other personally identifiable information '
                                 '(PII)'],
            'systems_affected': ['internal document management storage '
                                 'system']},
 'references': [{'source': 'TechRadar'}],
 'response': {'containment_measures': ['Database locked down within hours']},
 'title': 'Unencrypted Database Leak at Australian Fashion Brand SABO',
 'type': 'Data Leak',
 'vulnerability_exploited': 'Unencrypted, non-password-protected database'}

SABO

PowerSchool Holdings Inc. and Bain Capital: Bain Struggles to Dismiss PowerSchool User Data Breach Claims

Navigate360: Massive Data Breach: 8 Million Confidential Tips Exposed

Nice-Pak Products Inc.: Nice-Pak Data Breach Class Action Settlement