LuLu
Medium Impact•
2,796,835 records affected
•
HaveIBeenPwned
Description
In July 2024, the Emirati-based LuLu retail store suffered a data breach. The impacted data included 190k email addresses and associated phone numbers which were subsequently shared on a popular hacking forum. The following month, the threat of leaking the full database was carried out and a backup from October 2022 with a further 2.6M unique email addresses appeared. This data also included names, physical addresses, orders and PBKDF2 password hashes.
What to do if you're affected
- 1.Change your password immediately if you have an account with this service
- 2.Enable two-factor authentication (2FA) wherever possible
- 3.Check if your email appears in the breach using Have I Been Pwned
- 4.Monitor your accounts for suspicious activity
- 5.Consider using a password manager to generate unique passwords