Aditya Birla Fashion says back after data breach; hackers say site still vulnerable
Aditya Birla Fashion says it has taken steps to secure its website by resetting passwords of all customers and enabling OTP based authentication.
Aditya Birla Fashion and Retail Ltd (ABFRL) suffered a data breach on its website and more than 5.4 million email addresses were leaked online earlier this month. The company has now assured that data has been secured. In fact, access to customers' and employees' information has been provided added layers of security. ABFRL sent an email to customers informing them about the incident and reset their passwords as a “proactive” measure.
Though ABFRL is investigating the incident, hackers have claimed that the sites owned by ABFRL are still vulnerable as they still had hidden access to ABFRL data. The hacker group ShinyHunters that has made ABFRL's database public, revealed Gadgets 360. The message said, “It would be safer not to buy on ABFRL, Jaypore, Pantaloons, and others.”
Meanwhile, ABFRL in its official statement said that the incident will have no operational or business impact on its operations.The company is taking help from forensic security experts to investigate the data breach. ABFRL spokesperson said, "ABFRL is investigating an information security incident that entailed unauthorized access to its e-commerce database."
The leaked database includes customers' personal information like names, phone numbers, addresses, dates of births, order histories, credit card details, and passwords stored as Message-Digest algorithm 5 (MD5) hashes. Moreover, details of employees, including salary details, religion, and marital status were also leaked. The alleged data leak was brought to notice by data breach tracking website Have I Been Pwned on January 15.
ABFRL has a repertoire of leading brands, such as Louis Philippe, Van Heusen, Allen Solly and Peter England, along with India's largest value fashion retail brand Pantaloons. Not only Indian, but it also has an international brand portfolio which includes - The Collective, India's largest multi-brand retailer of international brands, Simon Carter and select mono-brands such as Forever 21, American Eagle, Ralph Lauren, Hackett London, Ted Baker and Fred Perry.
The company had a revenue of ₹5,181.14 crore in FY21. As of September 30, 2021, the company reportedly has a network of 3,264 stores across approximately 26,841 multi-brand outlets.