Leak at Cybertek
On 12 September 2024, French computer-hardware retailer Cybertek disclosed a customer data breach stemming from a compromised shared IT provider, exposing names, email and postal addresses and phone numbers; passwords and payment data were not affected.
- Victim
- Cybertek
On 12 September 2024, Cybertek β a French computer-hardware and electronics retailer β notified customers of a security incident that had exposed personal data, joining a wave of breaches affecting major French retailers that month.
The leak did not result from a direct intrusion into Cybertek's own systems but from a compromised shared IT service provider used by several retailers. The same threat actor β operating under the pseudonym horrormar44 / Horror404x and selling the stolen data on the Breached forum β was tied by researchers to parallel breaches at Boulanger, Cultura, Truffaut and Cybertek's sister brand Grosbill, indicating a coordinated supply-chain campaign.
Exposed data was limited to contact details:
- First and last name
- Email address
- Postal address
- Phone number
Cybertek stated that passwords and banking/payment information were not compromised. The company did not publish a precise figure for affected Cybertek customers (its sister brand Grosbill reported roughly 680,000 records); it said it had taken the necessary measures, resolved the incident, and that its website remained secure and fully operational.
Sources
- next.inkhttps://next.ink/149926/fuites-de-donnees-cybertek-et-grosbill-entrent-dans-la-danse-truffaut-refuse-de-donner-des-details/
- kulturegeek.frhttps://kulturegeek.fr/news-316875/cyberattaque-vol-donnees-clients-cybertek-grosbill
- macg.cohttps://www.macg.co/services/2024/09/boulanger-cultura-et-dautres-sites-annoncent-une-fuite-de-donnees-145925