In a concerning development, cybersecurity researchers have identified a significant breach involving Decathlon employee data that occurred two years ago. Recent findings suggest that this pilfered data has resurfaced on the dark web, posing a considerable security threat.
The alarm was initially raised in a blog post by vpnMentor, which disclosed that a database, allegedly containing personally identifiable information (PII) of approximately 8,000 Decathlon employees, had surfaced on an online forum. The database, published on September 7, weighed in at 61MB and contained a wealth of sensitive information that could potentially be used for malicious purposes. This included full names, usernames, phone numbers, email addresses, countries and cities of residence, authentication tokens, and even photographs.