Skip to content
Supply chainContained

Leak at Cybertek

On 12 September 2024, French computer-hardware retailer Cybertek disclosed a customer data breach stemming from a compromised shared IT provider, exposing names, email and postal addresses and phone numbers; passwords and payment data were not affected.

Victim
Cybertek

On 12 September 2024, Cybertek β€” a French computer-hardware and electronics retailer β€” notified customers of a security incident that had exposed personal data, joining a wave of breaches affecting major French retailers that month.

The leak did not result from a direct intrusion into Cybertek's own systems but from a compromised shared IT service provider used by several retailers. The same threat actor β€” operating under the pseudonym horrormar44 / Horror404x and selling the stolen data on the Breached forum β€” was tied by researchers to parallel breaches at Boulanger, Cultura, Truffaut and Cybertek's sister brand Grosbill, indicating a coordinated supply-chain campaign.

Exposed data was limited to contact details:

  • First and last name
  • Email address
  • Postal address
  • Phone number

Cybertek stated that passwords and banking/payment information were not compromised. The company did not publish a precise figure for affected Cybertek customers (its sister brand Grosbill reported roughly 680,000 records); it said it had taken the necessary measures, resolved the incident, and that its website remained secure and fully operational.

Sources

  1. next.inkhttps://next.ink/149926/fuites-de-donnees-cybertek-et-grosbill-entrent-dans-la-danse-truffaut-refuse-de-donner-des-details/
  2. kulturegeek.frhttps://kulturegeek.fr/news-316875/cyberattaque-vol-donnees-clients-cybertek-grosbill
  3. macg.cohttps://www.macg.co/services/2024/09/boulanger-cultura-et-dautres-sites-annoncent-une-fuite-de-donnees-145925

Related incidents

Supply chainContained

Leak at Cyberhaven

On 25 Dec 2024, data-security firm Cyberhaven's Chrome extension was hijacked via a phishing attack and pushed a malicious update that exfiltrated cookies and session tokens from roughly 400,000 users over a 24-hour window.

Victim
Cyberhaven