Global Jewellery Brand Pandora Suffers Hacked

Danish jewellery giant Pandora has disclosed a significant data breach that compromised customer information through a third-party vendor platform. 

The company has begun notifying affected customers, starting with Italian markets, about the cybersecurity incident that resulted in unauthorized access to personal data.

Key Takeaways
1. Supply-chain breach via third-party vendor exposed customer names, phone numbers, and emails.
2. No passwords or payment data accessed.
3. No signs of data leaks, but customers warned to watch for phishing.

Third-Party Vendor Vulnerability Exploited

According to the RansomNews report on X, the breach occurred through a supply chain attack, where threat actors gained access to customer data via a third-party service provider’s platform rather than directly targeting Pandora’s primary systems. 

This attack vector has become increasingly common as cybercriminals exploit the attack surface created by vendor relationships and interconnected digital ecosystems.

According to Pandora’s breach notification, the compromised Personally Identifiable Information (PII) includes customer names, phone numbers, and email addresses. 

The company emphasized that no sensitive authentication credentials such as passwords, credit card details, or other Protected Health Information (PHI) equivalent data were accessed during the incident.

The breach appears to follow the MITRE ATT&CK framework’s initial access tactics, specifically T1199 – Trusted Relationship, where attackers leverage access through partner networks. 

Security researchers suggest this incident may be connected to broader Advanced Persistent Threat (APT) campaigns targeting customer relationship management platforms, with some sources indicating potential ties to recent Salesforce-related security incidents.

Pandora’s Incident Response Team acted swiftly to contain the breach, implementing network segmentation and access controls to prevent lateral movement within their infrastructure. 

The company has enhanced its Security Information and Event Management (SIEM) systems and deployed additional Endpoint Detection and Response (EDR) solutions across its digital estate.

The jewelry retailer is now conducting a comprehensive forensic analysis using digital forensics tools to determine the full scope of the compromise. 

Current threat hunting activities show no evidence of data exfiltration or public distribution of the stolen information.

Pandora has issued warnings about potential spear-phishing campaigns that may target affected customers using the compromised contact information. 

The company advises customers to remain vigilant against social engineering attempts and to verify any suspicious communications through official channels.

As threat actors continue to exploit supply chain vulnerabilities, organizations must implement robust zero-trust architecture and continuous monitoring across all vendor relationships.

Equip your SOC with full access to the latest threat data from ANY.RUN TI Lookup that can Improve incident response -> Get 14-day Free Trial