Customers in three countries have had some of their data stolen
Lidl confirms cyberattack at third-party IT service provider that exposed customer data including names, phone numbers, emails, dates of birth, and customer numbers
Passwords, payment details, and addresses were not affected, but the company warns of phishing risks and urges vigilance against identity fraud attempts
Incident was contained quickly, reported to authorities, and investigated by forensic experts; Lidl operates ~12,900 stores across 32 countries
Lidl is warning its customers of a cyberattack which may have affected some of their personal information stored with the company.
In a data breach notification published on its Netherlands, Belgium, and Germany websites, the German discount supermarket chain said an IT security incident at one of its IT service providers affected some of the data stored by Lidl Online Shop customers.
“We were informed of this incident at the beginning of the week,” a machine-translated notification reads. “Despite high IT security standards, unknown persons briefly gained access to a separately stored file with customer data and part of the data was stolen from it. The system of the online shop itself is not affected.”