ShellCodeX Breach Report
Fashion Nexus Data Breach
fashionnexus.co.uk
Verified breach
Passwords exposed
Accounts exposed
1,279,263
Breach date
09 Jul 2018
Added to tracker
31 Jul 2018
Data classes
10
What happened
In July 2018, UK-based ecommerce company Fashion Nexus suffered a data breach which exposed 1.4 million records. Multiple websites developed by sister company White Room Solutions were impacted in the breach amongst which were sites including Jaded London and AX Paris. The various sites exposed in the incident included a range of different data types including names, phone numbers, addresses and passwords stored as a mix of salted MD5 and SHA-1 as well as unsalted MD5 passwords. When asked by reporter Graham Cluley if a public statement on the incident was available, a one-word response of "No" was received.
Exposed data
Browser user agent details
Dates of birth
Email addresses
Genders
IP addresses
Names
Passwords
Phone numbers
Physical addresses
Purchases
Recommended actions
- Change your Fashion Nexus password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Fashion Nexus — attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP