Describing itself as the world’s largest jewelry brand, Pandora is a powerhouse when it comes to fashion jewelry, no doubt. Like other retail giants, Pandora has confirmed that it has fallen victim to a cyberattack and that customer data has been breached. Here’s what we know so far about this breaking story.
Pandora Confirms Cyber Security Attack And Data Breach
You might not think it to look at me, but this six-foot tall and very heavily tattooed geezer has a soft side. Yes, I am a customer of Pandora. Which is how I came to hear of the cyber incident when, at 09:15 Eastern Time, I received an email with a subject line of: “This is an important service email from Pandora regarding a personal data breach.”
The email confirmed that Pandora has “experienced a cybersecurity attack,” and that “some customer information was accessed through a third-party platform that we use.” Although there is no further information to confirm or deny if this is a ransomware-related attack, as experienced by numerous others in the retail sector across the last few months, we do know that data has been breached.
“Only very common types of data were copied by the attacker – specifically name and email address,” the email notification confirmed. I have approached Pandora for a statement, but in the meantime, it has been made clear that “no passwords, credit card details or similar confidential data were involved in this incident.”
What isn’t known is whether this information has been made public anywhere, such as a data leak site, although Pandora has stated that it has “carried out extensive checks and to date we cannot see any evidence that this data has been shared or published.”
Pandora/Davey Winder
Pandora said that it has stopped the attack, and security measures have been strengthened. Further, it recommended that customers “pay extra attention to unusual emails and online activities prompting for your data as this could be phishing attempts from third parties pretending to be associated with Pandora.”
Although the email from Pandora links to a help page for further information, when I clicked through, there was nothing related to the cyberattack or data breach to be found, and asking the AI assistant just solicited a can’t help you response.
A Pandora spokesperson told me: ”Protecting our customers’ privacy is of the utmost importance to us. While incidents like these have unfortunately become increasingly common across industries, particularly among global companies, we take this matter very seriously. We are working closely with our supplier to investigate the incident thoroughly and to implement all necessary measures to ensure this does not happen again. Based on the current stage of investigation, we are confident that the attack has been contained.”
