Urgent Warning: Cultura Hack Exposes 2.6 Million Customers' Data - Is Your Information at Risk?

After the Boulanger hack, it's Cultura's turn! A hacker successfully infiltrated the company's systems and stole the personal data of more than 2.6 million customers. Caution is essential during this period!

Cyberattacks are making a strong comeback! After targeting Boulanger, Cultura has now fallen victim to a breach. The same hacker managed to infiltrate the brand’s systems. In an email to its customers, the store chain explained that one of its external IT service providers "was the victim of a malicious intrusion into its database, as part of an attack that targeted multiple brands." Among the stolen data are customer names, phone numbers, full postal addresses, geographic coordinates (latitude and longitude), and email addresses, along with lists of purchased products. According to cybersecurity researcher SaxX, the personal information of 2.6 million people was exfiltrated. The stolen database was put up for sale on BreachForums, a site known as the "Amazon of cybercrime."

Cultura Hack: Data of 2.6 Million Customers Stolen

In its email, Cultura aimed to reassure its customers, stating that "data related to passwords and banking information were not compromised." The company also clarified that "the vulnerability that led to this incident with our service provider has been identified, and corrective actions have been taken."

After the Boulanger Hack. Cultura Steps Forward to Notify Customers

Boulanger and Cultura are not the only brands affected by this cyberattack. The hacker has also claimed responsibility for stealing data from other brands, including GrosBill, CyberTek, DIVIA Mobilité, and PepeJeans, as well as data categorized under "Retirement Insurance." And these may not be the only ones! The Mulliez Group, which owns Boulanger and Cultura, also operates over 130 store chains in various sectors, such as Kiabi, Leroy Merlin, Flunch, Norauto, Décathlon, PicWicToys, and Jules. Therefore, it is likely that other brands within the group will be affected, as they may use the same third-party service provider.

Warning Against Upcoming Phishing Campaigns

With these multiple breaches, phishing campaigns are expected to occur in the coming weeks. When scammers get hold of personal information from databases, they use it to tailor their traps and make their messages more convincing. In short, if you are a customer of any of these brands, be extra vigilant in the coming weeks. As always, do not respond hastily to emails, text messages, phone calls, or even registered letters from unknown senders or those that seem suspicious. Take the time to verify the identity of the sender before taking any action!