Spreadshirt hack: attackers gained access to user data, including bank details and PayPal addresses

Published: 12 July 2021
Last updated: 10 October 2021
Spreadshop hacked

On Thursday, Spread Group warned their users of a “security incident where an unauthorized party attempted to access [the] platform.” Today, the company confirmed that it had suffered a data breach took where attackers got their hands on a variety of user data, including payment details.

Spread Group warned their customers, including those of Spreadshop, Spreadshirt, and TeamShirts, that “unidentified perpetrators” hacked the company’s servers and gained access to the data stored therein.

Information “accessed” by the threat actors includes street addresses, hashes of passwords saved before 2014, as well as “bank account details and/or PayPal addresses.”

ADVERTISEMENT

Spread Group published a security advisory titled ‘Security Incident July 2021’, stating that “the company’s crisis team is working with external cyber-security specialists to systematically investigate these events.”

According to the statement, the hack mainly affected Spread Group’s customers, partners, and external suppliers.

“Also affected are the payment details of a small number of customers who made payments to Spreadshirt, Spreadshop or TeamShirts via bank transfer, or who have received a refund via bank transfer. According to the latest information from our investigations, the hacked servers did not contain the bank details of any other groups of customers.”

Spread Group

“In addition, the bank account numbers and PayPal addresses of partners who have received commission payments from Spread Group were also affected,” reads the advisory.

#SpreadGroup was the target of an organized cyber-attack which was carried out with considerably vicious criminal intent. Our day-to-day operations have not been impacted by this incident. All news at: https://t.co/X7m1TDQRaD #spreadshirt #spreadshop pic.twitter.com/Sy4TAz3UX0

Next steps

Following the incident, the company urges affected Spreadshop, Spreadshirt, and TeamShirts users to change their account passwords.

ADVERTISEMENT

If you have an account with Spreadshop, Spreadshirt, or TeamShirts, we also recommend you:

  • Enable two-factor authentication (2FA) on all your online accounts.
  • Consider using a password manager to create unique strong passwords and store them securely.
  • Set up identity theft protection with your financial institution of choice.

More from CyberNews:

Threat actors scrape 600 million LinkedIn profiles - again

CyberNews personal data leak checker: see if your online accounts were exposed in previous security breaches

Secure your device with best VPN services

This couple lost £15,000 to scammers. We followed the money – and found millions in stolen crypto

Dark innovation: scammers innovate to keep ahead of regulation

Subscribe to our newsletter

ADVERTISEMENT
Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked