Subj : Pandora confirms data breach - customer data stolen, here's what To : All From : TechnologyDaily Date : Wed Aug 06 2025 12:30:09 Pandora confirms data breach - customer data stolen, here's what we know Date: Wed, 06 Aug 2025 11:23:00 +0000 Description: Jewelry giant Pandora falls for a phishing attack, with sensitive data lost. FULL STORY ======================================================================Pandora notified its customers of a data breach Hackers stole people's names and email addresses Unconfirmed reports named ShinyHunters as perpetrators Jewelry powerhouse Pandora has confirmed suffering a cyberattack which saw it lose sensitive customer information. The company revealed the news in a data breach notification letter sent to affected customers which said, We are writing to inform you that Pandora has experienced a cyber security attack, where some customer information was accessed through a third-party platform that we use. We want to reassure you that the attack has been stopped, and as a result we have further strengthened our security measures. ShinyHunters Pandora stressed that only very common types of data were exfiltrated - names, and email addresses. Passwords, credit card details, and similar confidential data was not taken. The company also said that its investigation determined that the data has not yet been abused, but it recommends users stay vigilant, and keep track of unsolicited email messages, or online interactions asking for their data. Therefore, we recommend that you do not click on links or download attachments from unknown sources, it said. The company did not say who the threat actors were, how they managed to access Pandoras networks, or how many people were affected by this incident. However BleepingComputer claims the attack was most likely the work of ShinyHunters who broke into Pandoras Salesforce database. According to the publication, ShinyHunters has been looking for a way into corporate Salesforce databases since January 2025 and have been using different social engineering and phishing tactics. Apparently, one worked, and ShinyHunters are now saying they will perform a mass sale or leak of companies that decline to pay the ransom. Salesforce, on the other hand, confirmed that its solutions were not compromised. "Salesforce has not been compromised, and the issues described are not due to any known vulnerability in our platform. While Salesforce builds enterprise-grade security into everything we do, customers also play a critical role in keeping their data safe especially amid a rise in sophisticated phishing and social engineering attacks," Salesforce told the publication. You might also like Twilio confirms hackers accessed Authy user phone numbers Take a look at our guide to the best authenticator app We've rounded up the best password managers ====================================================================== Link to news story: https://www.techradar.com/pro/security/pandora-confirms-data-breach-customer-d ata-stolen-heres-what-we-know --- Mystic BBS v1.12 A49 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .