Fashion retailer Zara has confirmed that data belonging to roughly 197,000 customers was exposed in a breach — but the good news is that the most sensitive information (passwords, payment details, full addresses, and phone numbers) was not compromised. What was leaked: email addresses, product order IDs, and records from customer support tickets, along with the general region where each ticket originated.
The breach didn’t hit Zara’s own systems directly. The hacking group ShinyHunters gained access through a former technology provider’s database, using stolen authentication credentials to reach cloud storage containing Zara customer support data. Zara’s parent company, Inditex, confirmed it activated its security protocols immediately and notified the relevant authorities. The stolen data has since appeared on Have I Been Pwned, the free service that tracks public data breaches.
How to check if you’re affected
Affected products are Zara online shopping accounts whose email addresses appear in the exposed customer support records.
- Visit haveibeenpwned.com, enter your email address, and check if it appears in the Zara breach.
- If your email was exposed, be extra alert for phishing emails pretending to be from Zara, Inditex, or even your bank — scammers buy leaked email lists quickly.
- You don’t need to change your Zara password (no passwords were taken), but it’s a healthy habit if you haven’t done so recently.