In a concerning development, cybersecurity researchers have identified a significant breach involving Decathlon employee data that occurred two years ago. Recent findings suggest that this pilfered data has resurfaced on the dark web, posing a considerable security threat.
The alarm was initially raised in a blog post by vpnMentor, which disclosed that a database, allegedly containing personally identifiable information (PII) of approximately 8,000 Decathlon employees, had surfaced on an online forum. The database, published on September 7, weighed in at 61MB and contained a wealth of sensitive information that could potentially be used for malicious purposes. This included full names, usernames, phone numbers, email addresses, countries and cities of residence, authentication tokens, and even photographs.
It’s important to note that this data dates back to 2021. At that time, a tech and consulting firm called Bluenove had collaborated with Decathlon for its Vision 2030 campaign. The aim of the campaign was to harness “massive collective intelligence.” Decathlon, a renowned French sporting goods retailer, sought insights from its employees and customers through Bluenove’s surveys.
The data generated during this campaign was stored in an Amazon Web Services (AWS) S3 bucket. However, due to misconfiguration, the data was compromised, and an unauthorized party managed to gain access before it was secured by Bluenove in mid-April of that year.
Fast forward two years, and the stolen data has re-emerged, prompting concerns about its legitimacy. According to vpnMentor, their previous findings align with the data shared by the hacker, affirming the authenticity of this recently disclosed database.
Bluenove has acknowledged the data breach, and researchers are now providing guidance to the consulting company on how to mitigate the potential damage. While Decathlon and its employees are the unfortunate victims in this data breach, it’s essential to note that the blame cannot be attributed to the company, as this incident was the result of a misconfiguration that was challenging to predict or prevent.
The breach serves as a stark reminder of the importance of robust data security measures and the ongoing need for vigilance in the ever-evolving landscape of cybersecurity.