
Fashion giant H&M reportedly exposed millions of United Arab Emirates (UAE) customers, with leaked details revealing personal and sensitive information. H&M said they're probing the situation.
Attackers posted the stolen data on a popular data leak forum that malicious attackers utilize to exchange stolen data. The Cybernews research team looked into the public data sample and surmised that the details appear to be legitimate. Meanwhile H&M said the company's investigating hacker claims.
“We are aware of the situation and are looking into it,” H&M representative told Cybernews.
The stolen dataset, attackers claimed, includes over 4 million customer records and 1.4 million address-related records, weighing a total of 8 GB. Details included in the data sample point to H&M‘s customer profiles that attackers must’ve gotten a hold of. The exposed details appear to include:
- First and last names
- Email addresses
- Home addresses
- Billing information
- Shipping data

If confirmed, the leak could prove to be a headache for exposed customers. For one, attackers may use the stolen details for identity theft and phishing attacks. Since malicious actors know that the data belongs to people who are not adverse to shopping for clothes online, they could target unsuspecting victims with custom-made phishing campaigns.
H&M is a major fashion retailer best known for its fast fashion business model. The fashion giant raked in nearly $16 billion in sales over the first nine months of 2024. H&M has a noticeable presence in the UAE, with 20 locations in Dubai and Abu Dhabi.
Updated on January 29th [01:00 p.m. GMT] with a statement from H&M.
Your email address will not be published. Required fields are markedmarked