French retail chain Auchan is notifying hundreds of thousands of customers that their personal information was stolen in a data breach.
The incident, the company said in notifications sent last week, impacted names, addresses, email addresses, phone numbers, and loyalty card numbers.
No banking information, passwords, or PINs have been compromised in the incident, the retailer said.
“We are writing to inform you that Auchan has been the victim of a cyberattack. This attack resulted in unauthorized access to certain personal data associated with your loyalty account,” reads the notification, a copy of which was shared by local media.
Auchan says it took the necessary steps to contain the attack and improve the security of its systems, and that it notified the French data protection watchdog CNIL of the incident.
The company is advising the impacted customers to remain vigilant of phishing, scams, and other types of attacks that could be fueled by the stolen information.
The retailer told French media that several hundreds of thousands of customers were affected by the incident.
However, the company did not share information on how the data breach occurred, who was behind the attack, and whether it has received any extortion demands.
SecurityWeek has emailed Auchan for additional information on the data breach and will update this article if the company responds.
This appears to be the second data breach that Auchan has disclosed over the past year. The new notification seems to be the same notice that the company sent to its customers in November 2024.
Related: Aspire Rural Health System Data Breach Impacts Nearly 140,000
Related: Intel Employee Data Exposed by Vulnerabilities
Related: Choosing a Clear Direction in the Face of Growing Cybersecurity Demands
Related: Casio Website Infected With Skimmer
