Pandora has confirmed a cyberattack led to a breach of customer information through one of its external service providers. The company began informing customers of the incident via email on 5 August, describing it as a “personal data breach” and letting people know they need to be cautious about phishing scams.
Pandora said, “Only very common types of data were copied by the attacker – specifically name and email address. We’d like to stress that no passwords, credit card details or similar confidential data were involved in this incident.”
The company did still warn customers to be careful when opening emails, especially those pretending to be from Pandora, as these could be attempts to collect more personal data.
They said, “We have carried out extensive checks and to date we cannot see any evidence that this data has been shared or published.
“However, as a precautionary measure, we recommend that you pay extra attention to unusual emails and online activities prompting for your data as this could be phishing attempts from third parties pretending to be associated with Pandora. Therefore, we recommend that you do not click on links or download attachments from unknown sources.”
“Protecting your privacy is extremely important to us. While incidents like these have unfortunately become more common in recent years, especially among global companies, we take this matter very seriously.”
More from News
- Cat Food Brand Fuzzball Celebrates Winning The Largest Prize In E-Commerce History
- What Is Truth Social, And Who Uses It?
- Google Cloud And Plexal Partner To Help Security Startups
- SpyCloud Enhances Investigations Solution With AI-Powered Insights
- Is Trump Creating An AI-Powered Search Engine?
- HostBreach Offers Free Cyber Snapshot For CMMC Compliance
- Is Recruitment In The UK Picking Up Again?
- How Can Tech Help Cut Electricity Bills In The UK?
How Did The Breach Happen?
According to security experts and cybersecurity news site CyberInsider, the attacker gained access through a third-party platform used by Pandora. The company has not confirmed the name of the vendor involved, but it appears to be linked to a wider group of attacks on companies using Salesforce and other cloud-based services.
Mark Weir, regional director at Check Point Software, said that breaches through third-party systems are becoming more frequent and harder to control. He added that even though passwords and bank data weren’t taken, the information that was stolen is enough to start phishing attacks or identity fraud. He called it “a strong starting point for more serious attacks.”
Pandora’s customer data was likely accessed in the same way as other retail companies that were recently targeted, including Chanel, Adidas, Qantas, and brands under LVMH. These incidents all involve the theft of personal information through cloud platforms connected to customer relationship systems.
The timing of the Pandora breach also lines up with a pattern seen in other attacks. Many of these start with fake phone calls or emails to employees pretending to be a colleague or IT support. The staff then end up sharing their login details or installing malicious apps.
Who Could Be Behind The Attack?
Although Pandora has not named any group, cybersecurity researchers believe the attack may be linked to ShinyHunters, also known as UNC6040. This group has been tied to a number of recent data thefts from companies using Salesforce.
Google’s Threat Intelligence team has been tracking the group since June and believes they use a mix of voice phishing and technical tricks to break into company systems. In some cases, they ask staff to install fake versions of Salesforce apps or hand over security codes.
More recently, the group has started using Python scripts and hiding their locations with TOR IP addresses. There are also signs they may be preparing to publish the data they steal on a public site as part of a wider extortion plan.
The group is also believed to be behind breaches at Allianz Life, Adidas and other well-known companies. In these cases, the attackers avoided breaking into core systems and instead focused on staff with access to customer data.