{"id":213597,"date":"2026-05-14T02:30:06","date_gmt":"2026-05-14T06:30:06","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/14\/zara-data-breach-197000-customers-exposed-in-third-party-security-incident\/"},"modified":"2026-05-14T02:30:09","modified_gmt":"2026-05-14T06:30:09","slug":"zara-data-breach-197000-customers-exposed-in-third-party-security-incident","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/14\/zara-data-breach-197000-customers-exposed-in-third-party-security-incident\/","title":{"rendered":"Zara Data Breach: 197,000 Customers Exposed in Third-Party Security Incident"},"content":{"rendered":"<p><a href=\"https:\/\/securityaffairs.com\/191859\/cyber-crime\/zara-data-breach-197000-customers-exposed-in-third-party-security-incident.html\">Zara Data Breach: 197,000 Customers Exposed in Third-Party Security Incident<\/a><\/p>\n<p><a href=\"https:\/\/securityaffairs.com\/191859\/cyber-crime\/zara-data-breach-197000-customers-exposed-in-third-party-security-incident.html\">https:\/\/securityaffairs.com\/191859\/cyber-crime\/zara-data-breach-197000-customers-exposed-in-third-party-security-incident.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-08 10:05:51<\/a><\/p>\n<p>Source Domain: <a href=\"securityaffairs.com\">securityaffairs.com<\/a><\/p>\n<p>The cyber incident affecting Inditex, Zara\u2019s parent company, exposed the personal data of nearly 197,000 Zara customers due to a third-party security breach linked to the gang ShinyHunters. While no sensitive data including passwords or payment information was compromised, significant customer information such as emails, purchase history, product SKUs, and support interactions was exposed. Inditex confirmed unauthorized access to its databases managed by a former technology provider but emphasized that no operational disruptions occurred and the incident did not affect payment information. ShinyHunters, known for similar attacks on major companies, claimed responsibility for the security incident through compromised Anodot authentication tokens, which allowed access to analytics infrastructure used by multiple organizations. Despite ShinyHunters\u2019 claims, Inditex remains cautious on specifying the compromised vendor or definitively attributing the breach to a particular actor.<\/p>\n<p>Key Points:<br \/>\n&#8211; Nearly 200,000 Zara customers had their data exposed in a breach tied to ShinyHunters.<br \/>\n&#8211; Personal data including emails, purchase history, and customer interactions were compromised, but crucial details such as passwords and payment information remain safe.<br \/>\n&#8211; ShinyHunters exploited compromised Anodot tokens as part of a larger series of similar attacks.<br \/>\n&#8211; Inditex is yet to identify the exact technology provider or official threat actor behind the security incident.<br \/>\n&#8211; No operational services were disrupted following the incident.<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Zara Data Breach: 197,000 Customers Exposed in Third-Party Security Incident https:\/\/securityaffairs.com\/191859\/cyber-crime\/zara-data-breach-197000-customers-exposed-in-third-party-security-incident.html Publish Date: 2026-05-08 10:05:51&#8230;<\/p>\n","protected":false},"author":1,"featured_media":213599,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2026\/05\/image-21.png","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[30,34],"class_list":["post-213597","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-breach","tag-threat-actor"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/213597"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=213597"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/213597\/revisions"}],"predecessor-version":[{"id":213601,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/213597\/revisions\/213601"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/213599"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=213597"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=213597"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=213597"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}