GlobalRetail Inc. has confirmed a data breach affecting approximately 45 million customer records. The breach was discovered on December 30, 2024, after anomalous data exfiltration patterns were detected by the company’s SIEM platform.
Attack Details
Attackers exploited a known vulnerability in the company’s API gateway that had not been patched despite a fix being available for three months. The exploit allowed authentication bypass, giving attackers access to the customer database.
Compromised data includes:
- Full names and email addresses
- Hashed passwords (bcrypt)
- Physical addresses
- Purchase history
- Partial payment card numbers (last 4 digits)
Response
GlobalRetail has engaged a leading incident response firm and has notified affected customers. The company is offering two years of free credit monitoring. Law enforcement, including the FBI, has been notified.
Lessons Learned
This breach underscores the critical importance of timely patch management, particularly for internet-facing systems. The vulnerability had a public exploit available for weeks before the breach occurred.