A data breach originating from the popular French fashion brand Zadig & Voltaire was publicly disclosed via a popular hacking forum on June 5, 2024. The stolen data belongs to 586,895 breached accounts with the company and includes personal information such as names, emails, physical addresses, phone numbers, and genders.
The hacker advertised having 638,000 Zadig & Voltaire customer records, but only close to 587,000 of these have been confirmed. The data reportedly includes ID, name, gender, date of birth, email, group, phone, ZIP, country, state, city, billing and shipping addresses, VAT numbers, and more.
The unique email addresses were verified and added to the Have I Been Pwned (HIBP) data breach notification service on June 17, with 65% already in the database. It's crucial for affected individuals to take proactive steps to protect their accounts and personal information.
Zadig & Voltaire issued a statement to apologize to customers for any inconvenience this security incident may have caused. The company advised that the breach had occurred more than six months ago and said they have employed cybersecurity experts to investigate the breach and are “taking all necessary measures to ensure this does not happen again.”
Unauthorized third parties reportedly gained access to the company’s database on November 16, 2023. The breach method has not been disclosed yet, but attackers may have exploited vulnerabilities in the company’s online systems.
The new Zadig & Voltaire list adds to the over 360 million stolen accounts that were leaked for free on Telegram and stored with HIPB.