Zara experienced a data breach exposing 197,400 customer records, including email addresses and order details, stemming from a former technology provider. This highlights the significant risks associated with third-party vendor access to sensitive customer data.
An extortion group claimed responsibility for the Zara breach, alleging a 140GB data theft, indicating a potentially larger compromise than initially reported. This raises concerns about the full extent of the exfiltrated data and its potential misuse.
The incident underscores critical supply chain vulnerabilities, as the breach originated from a 'former tech provider,' emphasizing the need for robust security protocols and oversight even after vendor relationships conclude to prevent future compromises.

A data breach involving Zara, the flagship brand of Inditex Group, exposed data tied to 197,400 customers, according to an analysis by data-breach notification service Have I Been Pwned.
The exposed information included email addresses, product SKUs, order IDs, and the market in which support tickets originated. Inditex said the affected databases were hosted by a former technology provider.
Inditex said the incident did not expose customers’ names, phone numbers, postal addresses, account credentials, or payment information. The company added that its internal operations and systems were not affected.
An extortion group has claimed responsibility for the breach, alleging it stole a 140GB archive. The group has been linked in prior incidents to data theft involving compromised authentication tokens.
Supply Chain Vulnerabilities Exacerbate Retail Cybersecurity Risks for Multinational Corporations
The data breach at Zara, originating from a former technology provider, highlights the persistent and evolving cybersecurity risks associated with third-party vendors and supply chains for large multinational retail companies. Even after disengagement, vendor systems can remain a vector for data compromise, impacting customer trust and posing global regulatory compliance challenges.
The incident underscores supply-chain risk tied to third-party providers. Inditex has not identified the former technology provider involved or attributed the breach to a specific threat actor beyond noting the incident originated outside its own systems.


