Inditex Reports Data Breach via Former Third-Party Technology Provider
Learn More
Inditex, the Spanish fashion giant and parent company of Zara, reports a data breach on April 16, 2026, involving unauthorized access to databases managed by a third party.
The incident was reported following a security breach at a former technology provider that impacted several international companies. Inditex claims that the breach was limited to transaction-related information and did not affect its own internal systems or operations.
The compromised data includes:
- Customer transaction records
- Commercial interaction logs
- Purchase history metadata
The number of affected individuals is not disclosed. Inditex emphasized that the affected databases did not contain sensitive personal or financial information, such as customer names, home addresses, passwords, or bank card details.
Inditex is notifying relevant regulatory authorities. The company stated that its internal operations and systems are not affected, allowing customers to continue using its services safely. A spokesperson for the retailer declined to provide further details regarding the identity of the former technology provider or the specific nature of the vendor's security lapse.
