Ochnik, a clothing chain based in Poland, reported a personal data breach on 18 September 2024, following a hacker attack. The breach occurred after attackers exploited a vulnerability in the system of Ochnik’s technology partner, gaining unauthorized access to a technical account. This allowed the attackers to access sensitive customer data, including names, delivery addresses, email addresses, and phone numbers. However, they did not manage to access more sensitive information such as passwords or transaction history.
As soon as the breach was detected, Ochnik’s technology partner acted swiftly by blocking access to the affected system and eliminating the source of the attack. Ochnik emphasized that, so far, there have been no negative consequences from the breach, and the likelihood of further issues arising is considered low. Despite the containment, the company took immediate steps to notify relevant authorities, including the President of the Office for Personal Data Protection, the police, and CERT, to ensure transparency and mitigate any risks.
The company also issued a warning to its customers about potential risks resulting from the breach. These included the possibility of receiving unsolicited marketing messages or phishing attempts, where individuals might try to gain further personal information through suspicious emails or phone calls. Customers were advised to be cautious of such attempts and to report any unusual activity to the relevant authorities to prevent additional risks.
In addition, Ochnik provided practical recommendations for customers to protect themselves from potential harm. Customers were advised to be wary of suspicious emails containing links or requests for more information, avoid sharing personal data over the phone or in response to emails, and closely monitor their online accounts for unauthorized activities. The company also provided contact details for their Personal Data Protection Officer, Małgorzata Rzeszotarska, to address any concerns or inquiries related to the incident.
Reference:
