Zara data breach saw 197,000 people have information exposed — but luckily, hackers may not have accessed private info

• ShinyHunters leaked 140GB of data from Zara’s BigQuery instances, exposing 197,400 emails, purchase records, and support tickets
• Inditex confirmed no names, addresses, credentials, or payment info were stolen, reducing direct risk
• Still, exposed emails and purchase details could fuel tailored phishing campaigns against customers

Fashion behemoth Zara lost customer data on almost 200,000 people, but it seems very little private information was actually stolen.

Zara is one of the biggest fashion retailers in the world, with more than 1,500 stores around the world, and is the flagship brand of the Inditex Group, which also owns Massimo Dutti, Pull&Bear, Bershka, and many others.

Last month, it disclosed suffering a data breach as the result of the ongoing incident involving Anodot, an AI-powered, cloud-based analytics platform that some companies integrated with other services, such as Snowflake. When ransomware actors ShinyHunters broke into Anodot, they ...