Leroy Merlin Data Breach Exposes Customer Information
▼ Summary
– Leroy Merlin, a major European home improvement retailer, has suffered a data breach affecting its customers in France.
– The compromised data includes full names, contact details, addresses, dates of birth, and loyalty program information, but not financial data or passwords.
– The company states it has contained the incident and that the stolen data has not yet been used maliciously.
– Affected customers are being warned to watch for phishing attempts and to report any suspicious account activity.
– The breach’s full scale is unclear, as the company has not yet provided details on the number of impacted individuals.
Customers of the French home improvement and gardening retailer Leroy Merlin are being alerted to a significant data breach that has compromised their personal information. The company, which operates across Europe and in countries like South Africa and Brazil, has confirmed that a cyberattack targeted its information systems, leading to the potential exposure of customer data. This incident specifically impacts individuals located in France, according to a notification shared on social media.
The compromised information includes a range of sensitive personal details. Affected customers have had their full name, phone number, email address, and postal address exposed. Additionally, the breach involved dates of birth and information related to the company’s loyalty program. In its communication to customers, Leroy Merlin stated that upon detecting the incident, it took immediate steps to block unauthorized access and contain the situation.
Importantly, the company has clarified that the exposed data does not include financial details such as banking information or online account passwords. The notification also suggests that, so far, the stolen information has not been used maliciously, meaning it has not been publicly leaked online or leveraged for extortion attempts. However, customers are being cautioned to remain vigilant against unsolicited communications, such as phishing emails or messages that may try to impersonate the Leroy Merlin brand.
As part of its response, the retailer is providing guidance on how to identify potential phishing attempts. Customers are also instructed to report any unusual activity on their accounts directly to the company, including problems with redeeming loyalty discounts or any other anomalies. While the exact number of affected individuals remains undisclosed, the breach notification has been verified as authentic. No ransomware group has yet claimed responsibility for the attack, and further details from the company are pending.
(Source: Bleeping Computer)
