Decathlon employee data leaked online following breach
Two-year-old Decathlon database surfaces on the dark web
A tranche of Decathlon employee data stolen in a leak two years ago has now made it to the dark web, cybersecurity researchers are saying.
A blog post from vpnMentor revealed how someone posted a new thread on an online forum, with a database allegedly containing personally identifiable information (PII) of some 8,000 Decathlon employees.
The database, published on September 7, was 61MB in size, and apparently contained enough sensitive information to run a phishing campaign or identity theft: full names, usernames, phone numbers, email addresses, countries and cities of residence, authentication tokens, and photos.
Misconfigured databases
The data was taken in 2021. Back then, vpnMentor reminds, a tech and consulting company Bluenove partnered with Decathlon for its Vision 2030 campaign. Bluenove is a firm working on “massive collective intelligence”, while Decathlon is a French sporting goods retailer. During the Vision 2030 campaign, Bluenove surveyed Decathlon’s employees and customers.
It stored the data it generated in an Amazon Web Services (AW) S3 bucket, which was misconfigured. As a result, someone stole the data residing there before Bluenove managed to lock it down in mid-April that year.
Now, two years later, the data has surfaced, and according to mentorVPN, chances are it’s legitimate. “While we no longer have the data samples from the original leak incident due to our retention policy, our report from before shows that the data shared in the sample posted by the hacker is consistent with the data we found two years prior,” vpnMentor wrote in a blog post. “This confirms that the recently shared database is authentic.”
Bluenove acknowledged the existence of the data leak, the researchers said, adding that they’re advising the consulting company on how to mitigate the damage. While Decathlon and its employees are the real victims here, the company cannot be blamed, and could have done nothing to prevent this from happening, the researchers concluded.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
More from TechRadar Pro
- Thousands of corporate logins have been taken by info-stealing malware
- Here's a list of the best firewalls today
- These are the best privacy tools around
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.