Decathlon employee data leaked online following breach

Two-year-old Decathlon database surfaces on the dark web

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A tranche of Decathlon employee data stolen in a leak two years ago has now made it to the dark web, cybersecurity researchers are saying.

A blog post fromvpnMentorrevealed how someone posted a new thread on an online forum, with a database allegedly containing personally identifiable information (PII) of some 8,000 Decathlon employees.

The database, published on September 7, was 61MB in size, and apparently contained enough sensitive information to run a phishing campaign oridentity theft: full names, usernames, phone numbers, email addresses, countries and cities of residence, authentication tokens, and photos.

Misconfigured databases

The data was taken in 2021. Back then, vpnMentor reminds, a tech and consulting company Bluenove partnered with Decathlon for its Vision 2030 campaign. Bluenove is a firm working on “massive collective intelligence”, while Decathlon is a French sporting goods retailer. During the Vision 2030 campaign, Bluenove surveyed Decathlon’s employees and customers.

It stored the data it generated in anAmazonWeb Services (AW) S3 bucket, which was misconfigured. As a result, someone stole the data residing there before Bluenove managed to lock it down in mid-April that year.

Now, two years later, the data has surfaced, and according to mentorVPN, chances are it’s legitimate. “While we no longer have the data samples from the original leak incident due to our retention policy, our report from before shows that the data shared in the sample posted by the hacker is consistent with the data we found two years prior,” vpnMentor wrote in a blog post. “This confirms that the recently shared database is authentic.”

Bluenove acknowledged the existence of the data leak, the researchers said, adding that they’re advising the consulting company on how to mitigate the damage. While Decathlon and its employees are the real victims here, the company cannot be blamed, and could have done nothing to prevent this from happening, the researchers concluded.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Dangerous Android banking malware looks to trick victims with fake money transfers

Sophos Firewall hack on government network used an all-new custom malware

Best lightweight Linux distro of 2024