Mango has become the latest retailer to face a cyber-attack, where “limited” shopper data was stolen from one of its external marketing services.
The fashion chain, which recently reported a sales boost, told customers that data “accessed” by hackers was limited to personal contact details used in its marketing campaigns. This included email addresses, country, first names, telephone numbers and postal addresses. It added that unauthorised access was made via a third-party supplier, based in Spain.
Read more…
Source: Retail Gazette News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Top auto insurance firm leaked over 5 million records
September 24, 2025
ClaimPix, a company which streamlines car insurance claims, was leaking sensitive customer data on the clearweb, including people’s phone numbers, and email addresses, an expert has warned. Security researcher Jeremiah Fowler, known for hunting down misconfigured and unprotected databases, recently found one such instance containing 5.1 million files, sharing his findings with WebsitePlanet. The archive was ...
- EU says ransomware to blame for attack which caused chaos at airports
September 22, 2025
Hundreds of flights across Europe were cancelled and delayed after a ‘cyber-related disruption’ meant electronic customer check-in and baggage drop was taken offline. The EU’s cybersecurity agency ENISA has confirmed the disruption was linked to a ransomware incident, but did not reveal which particular strain was to blame. “The type of ransomware has been identified. Law ...
- Stellantis detects breach at third-party provider for North American customers
September 22, 2025
Stellantis detected unauthorized access to a third-party service provider’s platform that supports its North American customer service operations, the company said in a statement on Sunday. The automaker said the incident, which is under investigation, exposed only basic contact information and did not involve financial details or sensitive personal data. Stellantis did not specify how many ...
- Cyber-attack causes delays at Heathrow and other European airports
September 20, 2025
Heathrow is among several European airports hit by a cyber-attack affecting an electronic check-in and baggage system. The airport warned of possible delays due to a “technical issue” affecting software provided by Collins Aerospace to several airlines. Brussels Airport said a cyber-attack on Friday night meant passengers were being checked in and boarded manually, while Berlin’s ...
- CVE-2025-10035 – Critical unauthenticated RCE in GoAnywhere MFT
September 19, 2025
On September 18, 2025, Fortra published an advisory for CVE-2025-10035. This new vulnerability affects GoAnywhere MFT, an enterprise managed file transfer solution, and allows an attacker to achieve unauthenticated remote code execution. GoAnywhere MFT is a file transfer solution that has been exploited in-the-wild in the past. In 2023, CVE-2023-0669 was exploited in-the-wild as a zero-day, ...
- Threat landscape for industrial automation systems in Q2 2025
September 19, 2025
In Q2 2025, the percentage of ICS computers on which malicious objects were blocked decreased by 1.4 pp from the previous quarter to 20.5%. Compared to Q2 2024, the rate decreased by 3.0 pp. Regionally, the percentage of ICS computers on which malicious objects were blocked ranged from 11.2% in Northern Europe to 27.8% in Africa. ...