Lindex Group, an international retail giant specializing in high-quality fashion, has reportedly fallen victim to a data breach. According to claims made by threat actor IntelBroker on dark web forums, the Lindex Group data breach allegedly occurred in June 2024, targeting Lindex Group’s internal GitLab.
The perpetrator allegedly exploited vulnerabilities stemming from developers storing credentials in their Jira workplace, thereby gaining access to a collection of source code belonging to the company.
Lindex Group, which has been a part of the Finnish Stockmann Group since 2007, operates approximately 480 stores across 18 markets, including the Nordic countries, the Baltic states, Central Europe, and the Middle East. With a workforce of around 5,000 employees, the company holds a prominent position in the retail industry, focusing on an omnichannel approach to fashion retailing.
Decoding IntelBroker’s Claims of Lindex Group Data Breach
The claims made by IntelBroker on the dark web suggest that the compromised source code of Lindex Group is now accessible through undisclosed channels, although specific details such as the price for access or direct communication channels have not been publicly disclosed. The situation has prompted concerns about the potential impact on Lindex Group’s operations and the security of its customers’ data.
Despite these reports, Lindex Group has yet to issue an official statement or response regarding the alleged breach. The Cyber Express has reached out to the organization to learn more about this the breach claims. However, at the time of this, no official statement or response has been received.
Visitors to Lindex Group’s website may find it operational without immediate signs of intrusion, suggesting that the attack may have targeted backend systems rather than initiating a more visible front-end assault like a Distributed Denial-of-Service (DDoS) attack or website defacements.
IntelBroker Hacking Spree
IntelBroker, the solo hacker claiming responsibility for the breach, has a history of similar actions, having previously claimed involvement in cybersecurity incidents affecting other major companies. One notable example includes an alleged data breach targeting Advanced Micro Devices (AMD), a leading semiconductor manufacturer, and Apple was another alleged victim.
The incident, disclosed on platforms like BreachForums, involved the exposure of sensitive data, prompting AMD to initiate investigations in collaboration with law enforcement authorities and third-party cybersecurity experts.
The situation highlights the persistent nature of hackers like IntelBroker, who continue to exploit vulnerabilities in digital infrastructure for financial gain or malicious intent. For organizations like Lindex Group, the fallout from such breaches can encompass not only financial losses but also reputational damage and regulatory scrutiny.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.