Aditya Birla Fashion and Retail Ltd. (ABFRL) Hacked — All Data Leaked Online


One of the largest fashion and retail outlets in the world has been breached by a high-profile hacking group that goes by the name of ShinyHunters. The hackers exfiltrated data from ABFRL servers and then demanded payment for the deletion of the company’s data. Now that negotiations have failed, ShinyHunters has published all of the data online. ShinyHunters contacted RestorePrivacy to provide exclusive commentary for this report.

Aditya Birla Fashion and Retail Ltd. (ABFRL) is a billion-dollar retail outlet with 3,212 retail stores throughout India. It is a subsidiary of the Aditya Birla Group, which spans numerous sectors and has annual revenues of $45 billion.

Earlier today, the high-profile hacking group ShinyHunters leaked all of the data from its hack of ABFRL on a hacking forum. As we have noted before, ShinyHunters is the same group that has hacked many other large businesses, including Microsoft, Tokopedia, Pixlr, Mashable, Minted, and more.

ShinyHunters explained that they have had access to the ABFRL network for many weeks.

Negotiations failed, data posted online for free

The post and data are publicly available, but you need to be a member of the hacking forum to view the content. In the original post, ShinyHunters explained the rationale for releasing the data as follows:

We tried to get in touch with ABFRL. They sent a negotiator but he was just stalling (the offer was more than reasonable for a “US$ 45-Billion conglomerate”).
So we decided to leak everything for you guys including their famous divisions such as Pantaloons.com or Jaypore.com.

-ShinyHunters, January 11, 2022

Below is the original post documenting this leak, which we captured on the hacking forum.

[Image: The original post where the hackers made the data publicly available. Source: RestorePrivacy.com]

The post above does not discuss the exact amount that the hackers requested for payment, or when exactly ABFRL was first breached by the group.

ABFRL data posted online

Within just a few hours of the data being made available online, it was removed from a third-party hosting site (MEGA). While some forum members were able to obtain the data before MEGA removed it, ShinyHunters told us that they will be posting updated links where anyone will be able to obtain the hacked information.


We will be analyzing the data and updating this article as soon as it becomes available (again).


ABFRL provides no comment or press release

We contacted ABFRL’s press team for comment on this story. So far, neither ABFRL nor the parent company Aditya Birla Group has commented on the data breach on any of their websites.

The parent company’s business reach spans many countries around the world. It is a large player in many industries.


We have not yet received any response, but will monitor the situation and update this article with any new information.

Business model: Exfiltrate data, then demand ransom payment (without encryption)

Many people are aware of ransomware and the business model that goes with it. This involves hacking a server or network, encrypting the files, and then demanding a payout from the victim. This has been a popular attack for years because it locks the victim out of their own files: everything is encrypted, and only the attacker holds the private key needed to decrypt it.

However, we are now seeing a growing trend that does not involve encryption. In this new business model, a threat actor simply exfiltrates as much data as possible, and then demands a payment from the victim, with the threat of releasing all data should the negotiations fail.

Because the release of this data could be very expensive for a victim, many groups and businesses are willing to negotiate a payment to make the problem go away and have the data deleted. This is particularly the case as we see class action lawsuits for data breaches and other long-term costs associated with networks and servers being hacked.

In short, it is often cheaper to pay a hacker to not publicly release the data than pay for the implications of the breach. Additionally, many hacking and ransomware groups will offer to assist the victim in patching security vulnerabilities that resulted in the hack.

ABFRL is ShinyHunters’ first big leak of 2022

As we noted above, ShinyHunters is a prolific and well-known hacking group. The hack of ABFRL marks the group’s first major release of 2022.

You can see other victims of ShinyHunters on the group’s Wikipedia page. The group’s previous exploits include:

  • Microsoft – 500 GB of Microsoft source code stolen and sold online
  • Mashable – 5.22 GB of company and staff data
  • Tokopedia – 91 million user accounts
  • Pixlr – 1.9 million user accounts
  • 123RF – 8.3 million user accounts
  • Wattpad – 270 million user records
  • Pluto TV – 3.2 million Pluto TV user records
  • Animal Jam – 46 million accounts leaked
  • WedMeGood – 41.5 GB of user data
  • BigBasket – 20 million user accounts
  • Dave.com – 7 million user accounts
  • Couchsurfing.com – Data from 17 million users
  • Dunzo – 11 GB of company data
  • Nitro PDF – 77 million user records
  • Bhinneka – 1 million user accounts
  • Minted – 5 million accounts leaked
  • ProctorU – 444,267 accounts
  • Bonobos – Full backup database with 7 million customers and 1.8 million registered users
  • Swvl – 4 million users
  • Mathway – 25 million records
  • Wishbone app – 40 million user records

Note: This list is not exhaustive.

We will continue to monitor the situation with the ABFRL hack and update this article as more information becomes available.
