Ever Ordered From Bonobos? Huge Data Breach and Leak
Data from approximately 7 million customers of Bonobos, a clothing retailer that is a subsidiary of Walmart was stolen and then leaked...to make matters worse. Here's what to do:
- The data breach at Bonobos was publicly disclosed on January 22nd, 2021.
- Who exactly was breached: Bonobos, an online clothing retailer and a Walmart subsidiary
- This particular data breach affected approximately 7 million customers
- What does this data breach include? (according to information released)
- Customers' e-mail addresses (7M customers)
- Phone numbers (7M customers)
- Last 4 digits of credit card numbers (3.5M customers)
- Order information (1.8M customers)
- Encrypted Passwords (1.8M customers)
IMPORTANT: Walmart purchased Bonobos sometime in 2017 for about $300 million and sells Bonobos clothing on Walmart's Jet.com site.
So yes, if you've used this retailer before, there's a good chance that you email address, phone number, the last 4 digits of your credit card, what you ordered AND your encrypted password were breached AND released by a hacker.
According to BleepingComputer.com:
"Last weekend, a threat actor known as ShinyHunters, who is notorious for hacking online services and selling stolen databases, posted the full Bonobos database to a free hacker forum."
Of course, Bonobos sent an email to their customers encouraging them to change passwords for their Bonobos account and any other accounts that share the same password. That's the kicker. Many online shoppers use the same passwords for similar sites. So if you may have been affected by this breach, please take it seriously as the data that was hacked HAS ALREADY BEEN RELEASED.
This is absolutely worth your time to change passwords at other sites if you have been a customer at Bonobos. The amount of data that was stolen and already posted on the 'dark web' is massive.