Lidl discloses online shop breach after service provider hack
German discount supermarket chain Lidl notified customers in Germany, Belgium, and the Netherlands that attackers stole their personal information in a breach at a service provider. [...]
Service providers can expose customer data and systems through weak access controls, insecure integrations, or third-party supply-chain risks.
Search across headline titles and summaries.
Background for this topic.
Service provider is an organization that delivers infrastructure, platforms, software, connectivity, or managed technical operations to customers over a network. In security reporting, the term usually means an external provider whose systems, personnel, or integrations process customer data or administer customer environments. Responsibility is shared: the provider secures the services and underlying environment it controls, while the customer must configure access, data handling, and integrations correctly.
Material risks include compromised provider accounts or administrative interfaces, vulnerabilities in shared software or infrastructure, inadequate isolation between customers, and loss of availability at a dependency. Providers should apply least-privilege access, strong authentication, secure development and vulnerability management, tenant isolation, logging, encryption where appropriate, and tested recovery procedures. Customers need evidence of relevant controls, clear contracts covering data use, privacy, breach notification, audit rights, retention and deletion, and coordinated incident response. Reviews should also address subcontractors, service changes, and how data and operations can be recovered or moved if the service is disrupted.
Weekly headline count for the current query.
German discount supermarket chain Lidl notified customers in Germany, Belgium, and the Netherlands that attackers stole their personal information in a breach at a service provider. [...]
Japanese telecommunications giant KDDI says that millions of people had their email addresses and passwords exposed after attackers breached an email platform used by five internet service providers (ISPs) in the country. [...]
Japanese telecommunications operator KDDI Corporation disclosed a data breach where threat actors gained access to one of its email systems used by five other internet service providers (ISPs) in the country. [...]
Ericsson Inc., the U.S. subsidiary of Swedish networking and telecommunications giant Ericsson, says attackers have stolen data belonging to an undisclosed number of employees and customers after hacking one of its service providers. [...]
A China-linked advanced persistent threat actor tracked as UAT-9244 has been targeting telecommunication service providers in South America since 2024, compromising Windows, Linux, and network-edge devices. [...]
DIY store chain ManoMano is notifying customers of a data breach personal data, which was caused by hackers compromising a third-party service provider. [...]
The Chinese threat actor tracked as UNC3886 breached Singapore's four largest telecommunication service providers, Singtel, StarHub, M1, and Simba, at least once last year. [...]
Photo-sharing platform Flickr is notifying users of a potential data breach after a vulnerability at a third-party email service provider exposed their real names, email addresses, IP addresses, and account activity. [...]
Hackers believed to be associated with China have leveraged the ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint in attacks targeting government agencies, universities, telecommunication service providers, and finance organizations. [...]
Hackers stole partial payment information and personally identifiable data, including names and government-issued IDs, from some Discord users after compromising a third-party customer service provider. [...]
Hackers stole partial payment information and personally identifying data associated with some Discord users after compromising a third-party customer service provider. [...]
Automotive manufacturing giant Stellantis has confirmed that attackers stole some of its North American customers' data after gaining access to a third-party service provider's platform. [...]
A DDoS mitigation service provider in Europe was targeted in a massive distributed denial-of-service attack that reached 1.5 billion packets per second. [...]
The Alliance for Creativity and Entertainment (ACE) announced the shutdown of Rare Breed TV, a major illegal IPTV service provider, after reaching a financial settlement with its operators. [...]
Microsoft warns that a cyber-espionage group linked to Russia's Federal Security Service (FSB) is targeting diplomatic missions in Moscow using local internet service providers. [...]
Starting June 9, 2025, Russian internet service providers (ISPs) have begun throttling access to websites and services protected by Cloudflare, an American internet giant. [...]
The DragonForce ransomware operation successfully breached a managed service provider and used its SimpleHelp remote monitoring and management (RMM) platform to steal data and deploy encryptors on downstream customers' systems. [...]
The DragonForce ransomware operation successfully breached a managed service provider and used its SimpleHelp remote monitoring and management (RMM) platform to steal data and deploy encryptors on downstream customers' systems. [...]
German sportswear giant Adidas disclosed a data breach after attackers hacked a customer service provider and stole some customers' data. [...]
Cloud-based streaming company StreamElements confirms it suffered a data breach at a third-party service provider after a threat actor leaked samples of stolen data on a hacking forum. [...]