1 Million Accounts Impacted by the Massive 2023 Glamira Data Breach, 875,000 Emails Exposed 

• Almost 1 million Glamira accounts were targeted in last year’s data breach, compromising 875,000 email addresses.
• Apparently, payment information and passwords were not included in the hacker forum leak.
• The addresses were added to the Have I Been Pwned breach notification service database.

Online jewelry retailer Glamira recently confirmed a significant data breach that has affected nearly 1 million accounts. According to an official statement, the breach resulted from an unauthorized individual who briefly accessed one of the company’s servers on December 16, 2023.  

Details of the breach remained undisclosed to the public until January 3, 2025, when it was added to the Have I Been Pwned (HIBP) database, a widely referenced resource for breach notifications. 

HIBP verified and added 999,999 compromised accounts, marking this as one of the largest breaches in recent e-commerce history. 

The breach exposed sensitive customer data, which has since been leaked on a prominent hacking forum. Compromised information includes 875,000 email addresses, names, phone numbers, and details of purchases, putting customers at risk of targeted phishing attacks and identity theft.

While payment information and passwords were not included in the leak, the information released is sufficient to launch social engineering attacks or invade users' personal privacy.  

Glamira issued a brief statement acknowledging the breach and the subsequent leak, stating that they are taking “appropriate steps to prevent future occurrences." Beyond this, the company has not disclosed whether customers directly impacted by the breach have been notified, raising transparency concerns amidst the fallout.  

In November, approximately 57 million unique email addresses exposed in the October Hot Topic data breach were added to HIBP, and the impacted data also included sensitive personal details and payment card data.