Australian dive store Adreno reportedly impacted by a data breach affecting over 500k customers

A significant data breach has allegedly impacted Adreno, a prominent online dive store based in Australia, affecting the personal information of more than 500,000 customers.

A threat actor operating under the alias “worry” has claimed responsibility for the breach, which reportedly occurred in July 2024. The hacker announced the breach on a hacking forum on August 7, 2024, where they boasted about having accessed and extracted a vast amount of customer data.

The stolen data appears to have been sourced from Adreno’s Shopify database and includes extensive internal sales data for each customer. The hacker has provided a link to a sample of the data on a paste site, which, despite some empty fields, contains personal addresses and emails.

Total of 536,519 customers are affected, with compromised data including:

• Full names
• Email addresses
• Phone numbers
• Residential addresses
• Dates of birth
• Customer ID numbers
• Opt-in details for SMS notifications
• Loyalty reward program information
• Credit information
• Other personal interests of customers

Adreno has yet to respond to inquiries about the alleged breach.

On August 5, 2024, the same threat actor claimed responsibility for a breach involving the data of over 1 million customers of the Australian furniture store Early Settler.