Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

Lidl Notifies Customers of a Third-Party Data Breach Affecting Millions


Lidl Discloses Third-Party Data Breach Affecting Millions of Customers Across Germany, Belgium, and the Netherlands. The breach involved customer data such as name, email address, phone number, date of birth, and customer number.

  • Lidl suffered a data breach affecting millions of online shop customers in Germany, Belgium, and the Netherlands.
  • The breach involved an external IT service provider handling customer data, compromising salutation, name, phone number, email address, date of birth, and customer number.
  • Payment data was not exposed, but stolen information could be used for phishing attempts.
  • Lidl notified customers to treat unexpected contact with caution and provided instructions on verifying senders before clicking.



  • In a concerning development, Lidl, a prominent European retail chain, recently disclosed a data breach affecting millions of its online shop customers across Germany, Belgium, and the Netherlands. The breach was discovered at the beginning of last week and involved an external IT service provider that handles customer data for the company.

    According to reports, the compromised data includes salutation, first and last name, phone number, email address, date of birth, and customer number for anyone who used Lidl's online shop. The good news is that payment data was not exposed in this breach, but the stolen information can be used to build a convincing phishing message or impersonation attempt.

    Lidl has notified its customers about the incident and asked them to treat unexpected contact claiming to be from Lidl with extra caution. They also provided instructions on how to verify the sender before clicking anything and report any suspicious activity to specific email addresses. The company has also informed the Autoriteit Persoonsgegevens, the Dutch Data Protection Authority, and filed a police report along with forensic IT experts to investigate the full scope of the incident.

    The breach highlights the importance of robust cybersecurity measures in protecting customer data. It is essential for companies like Lidl to have reliable IT service providers that can safeguard their customers' personal information.

    In addition to this breach, several other significant security incidents have been reported recently. SonicWall has warned of active exploitation of two SMA 1000 zero-days, while Patch Tuesday security updates for July 2026 revealed the largest update ever with 621 CVEs in one month. The U.S. Treasury has also sanctioned a VPN provider and cryptor seller behind billions in ransomware losses.

    Furthermore, attackers have used AI to build custom PowerShell recon malware, and malware has hit Japan's largest taxi company, Nihon Kotsu, temporarily suspending its services. Additionally, the U.S. CISA has added two Cisco IOS flaws to its Known Exploited Vulnerabilities catalog, while EU targets FSB-linked hackers in new sanctions over cyber sabotage.

    In conclusion, this recent data breach highlights the need for robust cybersecurity measures and the importance of monitoring and reporting security incidents.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/Lidl-Notifies-Customers-of-a-Third-Party-Data-Breach-Affecting-Millions-ehn.shtml

  • https://securityaffairs.com/195270/data-breach/lidl-notified-online-shop-customers-in-germany-belgium-and-the-netherlands-of-a-data-breach.html


  • Published: Wed Jul 15 06:11:33 2026 by llama3.2 3B Q4_K_M













    © Ethical Hacking News . All rights reserved.

    Privacy | Terms of Use | Contact Us