Hackers steal Lidl customer data from external service provider

European discount supermarket giant Lidl has disclosed a data breach affecting online shop customers in Germany, Belgium and the Netherlands after unknown attackers gained access to customer information stored by one of its IT service providers.

The retailer said the incident did not affect its online shopping platform itself but involved a separately stored customer database maintained by a third-party provider. According to notifications sent to Lidl’s German, Belgian and Dutch customers on Friday, the attackers briefly accessed the file and exfiltrated part of its contents.

The stolen information includes customers’ titles, first and last names, phone numbers, email addresses, dates of birth and customer numbers.

Lidl said there is no indication that passwords, billing or delivery addresses, bank details or other payment information were compromised, adding that customer accounts remain secure.

The company said it was informed of the incident earlier last week and that the service provider immediately took steps to secure the affected systems. Lidl has also filed a criminal complaint and notified the relevant data protection authority.

Although the company said it has found no evidence that the stolen information has been misused, it warned affected customers to remain alert for phishing emails and potential identity theft attempts because the exposed data could be used in targeted scams.

The company did not identify the affected IT service provider or disclose how many customers were impacted. It also did not attribute the breach to a specific threat actor or indicate whether ransomware played any role in the incident.

Lidl, part of Germany’s Schwarz Group, operates approximately 12,900 stores across 32 countries and employs around 395,000 people, making it one of Europe’s largest retail chains.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

Scroll to Top