IT incident at Anodot: Fashion chain Zara affected
The cyber gang ShinyHunters recently broke into Anodot. In the process, they also exfiltrated data from the fashion chain Zara.
Data has been exfiltrated from the fashion chain Zara.
(Image: heise medien)
The cyber gang ShinyHunters has exfiltrated data from several companies during a break-in at the service provider Anodot. On Wednesday, they published the data exfiltrated from the fashion chain Zara.
Initially, ShinyHunters had threatened to publish the data, stating that the company's BigQuery instance was compromised thanks to anodot.com. The deadline has now passed, and the dataset, which is reportedly over 140 GB when compressed, is openly accessible. “The company failed to reach an agreement with us despite our incredible patience, all the chances and offers we made. They don’t care,” the perpetrators wrote on the dark web.
Anodot.com offers services for monitoring operational data using AI, for example, to optimize cloud costs. The tool analyzes various KPIs (Key Performance Indicators), initially learns the “normal” behavior, and then warns of anomalies. Companies can use it to detect and counteract revenue losses or similar events more quickly.
Parent company reacts
The international fashion chain Zara belongs to the Inditex group, which responded to a request from heise online. According to Inditex, they noticed unauthorized access to company databases hosted by a third-party provider. These databases contain information about commercial interactions with customers in various markets. However, they do not contain any data such as names, phone numbers, addresses, passwords, bank card information, or other payment methods.
The company has immediately activated and implemented security protocols and informed the responsible authorities about the unauthorized access. According to Inditex, the access is due to an IT security incident at a former technology provider and affected several internationally operating companies. However, operations and systems are not affected, and “customers can continue to access and use its services with complete safety.”
Videos by heise
About two weeks ago, it became known that ShinyHunters also exfiltrated data from the game developer Rockstar (Grand Theft Auto, GTA). There, the cyber gang claims to have gained access to Snowflake instances through Anodot. However, Rockstar also stated that only unimportant data had been exfiltrated.
(dmk)
