A threat actor surfaced on a popular hacker forum, claiming to possess data belonging to Lacoste, Ralph Lauren, Canada Goose, and Carter’s.
The threat actor shared a small batch of sample images, roughly three to four per brand. The Cybernews research team has gone through the files provided.
These screenshots appear to include employee details such as full names and work email addresses. Others hint at possible customer data, though those portions were partially redacted by the actor before being posted. The full extent of the alleged breach remains under wraps, but Cybernews has reached out to the brands for confirmation.
Data that was allegedly stolen:
- Full names and work email addresses of company staff;
- Screenshots showing email addresses and home addresses of customers;
- Internal metadata in the form of various numerical values and system-specific data points.
The attacker states in the post that it is “supply chain data.” Cybernews researchers analyzed the technical fingerprints left behind in the samples.
“Generally, the format of this data repeats across different brands mentioned and their samples,” our researchers noted. This points toward a supply chain attack, where a third-party service provider, likely one specializing in data management or retail logistics, was the true entry point. “The data itself looks like it came from SQL server DBMS, because photo samples included specific SQL server-related metadata, such as row version numbers,” our research team explained.
“The company may have had some compromised employee accounts. It could’ve also had some system misconfigurations that led to unauthorized access to internal data without necessarily having any account credentials,” our researchers added.
For more information, here’s the full report: https://cybernews.com/security/lacoste-ralph-lauren-supply-chain-data-breach/
Like this:
Like Loading...
Related
This entry was posted on April 16, 2026 at 9:44 am and is filed under Commentary with tags Cybernews. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Hacker Claims To Have Pwned Lacoste, Ralph Lauren, Canada Goose, and Carter’s
A threat actor surfaced on a popular hacker forum, claiming to possess data belonging to Lacoste, Ralph Lauren, Canada Goose, and Carter’s.
The threat actor shared a small batch of sample images, roughly three to four per brand. The Cybernews research team has gone through the files provided.
These screenshots appear to include employee details such as full names and work email addresses. Others hint at possible customer data, though those portions were partially redacted by the actor before being posted. The full extent of the alleged breach remains under wraps, but Cybernews has reached out to the brands for confirmation.
Data that was allegedly stolen:
The attacker states in the post that it is “supply chain data.” Cybernews researchers analyzed the technical fingerprints left behind in the samples.
“Generally, the format of this data repeats across different brands mentioned and their samples,” our researchers noted. This points toward a supply chain attack, where a third-party service provider, likely one specializing in data management or retail logistics, was the true entry point. “The data itself looks like it came from SQL server DBMS, because photo samples included specific SQL server-related metadata, such as row version numbers,” our research team explained.
“The company may have had some compromised employee accounts. It could’ve also had some system misconfigurations that led to unauthorized access to internal data without necessarily having any account credentials,” our researchers added.
For more information, here’s the full report: https://cybernews.com/security/lacoste-ralph-lauren-supply-chain-data-breach/
Share this:
Like this:
Related
This entry was posted on April 16, 2026 at 9:44 am and is filed under Commentary with tags Cybernews. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.