Another major Indian firm has fallen quarry to a massive cyberattack. This time, the victim is a circumstances India 500 list company: Mumbai-headquartered Aditya Birla radical (ABG). The conglomerate includes Aditya Birla fashion and Retail Ltd. (ABFRL) as wellspring as businesses in other sectors. ABFRL, formed after the fusion of Madura fashion & Lifestyle and Pantaloons, describes itself as “India�s first billion-dollar pure-play fashion powerhouse with an elegant bouquet of leading fashion brands and retail formats.” in a corporate intro published in July, 2021, ABG claimed to be a US$ 45-billion conglomerate that has 130 manufacturing units globally, and 140,000+ employees of 100 nationalities in 36 countries. in early December, DataBreaches.net was contacted by ShinyHunters, who alerted this site to the round which was then still in progress.��The firm had detected them early, ShinyHunters told this site, but the threat actors still had access. even as of today, ShinyHunters claims to still get access. as a sample of the types of information the terror actors acquired already, this site was shown headers from 1 of the employee-related databases: PoornataID,HRStatus,PositionNumber,PositionTitle,HireDate,NameDisplay,NamePrefix,FirstName,MiddleName,LastName,BirthDate,BirthCountry,MaritialStatus,Gender,City,State,Postal,Emailid,ABGExperience,Age,Company,Business,BusinessUnit,Department,Location,JobBand,Designation,ReportsTo,SupervisorId,FunctionCd,FunctionDescription,SubFunction,SalaryGrade,HolidaySchedule,ManagerId,ManagerName,ManagerDesignation,ConfirmationDate,CostCentre,Religion,LastPromotionDate,Phone,Extension,Cadre,ManagerEmailId Not all the fields reportedly had actual data, but ShinyHunters claimed to get sensitive data on both customers and employees and showed a small sample of both to DataBreaches.net. DataBreaches.net reached out to ABG via email to require their answer to the claims and incident, and to ask whether they were going to notify employees and customers. despite such inquiries sent to multiple email ABG addresses and personnel on December 3, december 4, december 10, and january 10, no replies were received. DataBreaches.net has found no note on their site or pressure release. Today,� ShinyHunters notified DataBreaches.net that after more failed negotiations between ShinyHunters and ABG or their spokesperson —� negotiations that ShinyHunters described to this site as a stalling tactic — ShinyHunters was leaking the data on a popular forum where data are shared or sold: So we decided to leak everything for you guys including their famous divisions such as Pantaloons.com (https://facebook.com/pantaloons) or Jaypore.com (https://facebook.com/jaypore). Within an hour or so, the hosting site removed the waste-yard for violations of TOS. The data are reportedly in the outgrowth of being reuploaded to another site. citation card Data, Too? ShinyHunters informed this site that although they acquired customers’ credit card data with passing date and CVV — and that ABFRL Pantaloons knows that ShinyHunters is in possession of such data, the firm has allegedly not informed customers about the breach of card data. If they have notified employees and customers privately of the data breach and exfiltration of data, DataBreaches.net has seen no proof of that as yet. If any reader is a Pantaloons customer or employee who has been informed of the breach, please middleman this site with details of how you were informed and what you were told. Thank you.
