Data Security Incident at Auchan Affects a Significant Number of Shoppers

Data Security Incident at Auchan Affects a Significant Number of Shoppers

Multinational retailer Auchan has disclosed a cyberattack impacting the loyalty accounts of several hundred thousand customers.

🔍 What happened?

• Attackers gained unauthorized access to loyalty account data.
• Exposed information includes:
  • Full name, title, client status
  • Postal address, email, phone number
  • Loyalty card number

✅ What was not exposed:

• Bank account data
• Passwords
• PIN codes

Auchan confirmed it has notified the French Data Protection Authority (CNIL) and is sending breach notifications to impacted customers.

⚠️ Phishing risk:
The retailer warns that attackers may use stolen data for targeted phishing.

📌 Why it matters
Auchan operates 2,100+ stores across 13 countries, employs 154,000 staff, and generates $35B+ in revenue annually.
This breach follows similar incidents impacting major French organizations like Air France, KLM, Orange, and Bouygues Telecom, some linked to ShinyHunters’ Salesforce attacks.

While no direct link has been confirmed, the trend highlights a growing threat to large enterprises in France and beyond.

At Alcaeus Services, we help businesses strengthen defenses, detect breaches early, and reduce phishing risks stemming from data leaks.