ShellCodeX Breach Report
Aditya Birla Fashion and Retail Data Breach
abfrl.com
Verified breach
Passwords exposed
Accounts exposed
5,470,063
Breach date
01 Dec 2021
Added to tracker
15 Jan 2022
Data classes
12
What happened
In December 2021, Indian retailer Aditya Birla Fashion and Retail Ltd was breached and ransomed. The ransom demand was allegedly rejected and data containing 5.4M unique email addresses was subsequently dumped publicly on a popular hacking forum the next month. The data contained extensive personal customer information including names, phone numbers, physical addresses, DoBs, order histories and passwords stored as MD5 hashes. Employee data was also dumped publicly and included salary grades, marital statuses and religions.
Exposed data
Email addresses
Genders
Income levels
Job titles
Marital statuses
Names
Passwords
Phone numbers
Physical addresses
Purchases
Religions
Salutations
Recommended actions
- Change your Aditya Birla Fashion and Retail password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Aditya Birla Fashion and Retail โ attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP