ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

Zara Data Breach

zara.com
Limited exposure
Verified breach
Accounts exposed 197,376
Breach date 15 Apr 2026
Added to tracker 08 May 2026
Data classes 4

What happened

In April 2026, the fashion brand Zara was among a number of organisations targeted by the ShinyHunters extortion group as part of their "pay or leak" campaign. The group claimed the breach was related to a compromise of the Anodot analytics platform and subsequently published a terabyte of data allegedly including 95M support ticket records. The data contained 197k unique email addresses alongside product SKUs, order IDs and the market the support ticket originated in. Zara's parent company Inditex advised that the incident didn't affect passwords or payment information.

Exposed data

Email addresses Geographic locations Purchases Support tickets

Recommended actions

  • Watch for targeted phishing emails referencing Zara — attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP