ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Aditya Birla Fashion and Retail Data Breach

abfrl.com
Significant exposure
Verified breach Passwords exposed
Accounts exposed 5,470,063
Breach date 01 Dec 2021
Added to tracker 15 Jan 2022
Data classes 12

What happened

In December 2021, Indian retailer Aditya Birla Fashion and Retail Ltd was breached and ransomed. The ransom demand was allegedly rejected and data containing 5.4M unique email addresses was subsequently dumped publicly on a popular hacking forum the next month. The data contained extensive personal customer information including names, phone numbers, physical addresses, DoBs, order histories and passwords stored as MD5 hashes. Employee data was also dumped publicly and included salary grades, marital statuses and religions.

Exposed data

Email addresses Genders Income levels Job titles Marital statuses Names Passwords Phone numbers Physical addresses Purchases Religions Salutations

Recommended actions

  • Change your Aditya Birla Fashion and Retail password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Aditya Birla Fashion and Retail โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP