The Danish jewelry company Pandora
Pandora is one of the largest jewelry brands in the world with 2,700 stores and more than 37,000 employees. has confirmed the leak of personal data of customers due to a hacker attack. It is not yet known what the scale of the attack is and whether it has spread to the Ukrainian network.
“We are writing to let you know that Pandora has experienced a cyberattack in which some customer information was accessed through a third-party platform we use,” the company wrote in the emails sent to affected customers. “We want to assure you that the attack has been stopped, and as a result, we have further strengthened our security measures.”
Pandora emphasizes that “only common types of data” were stolen, such as names or email addresses. Passwords, credit card information, and other sensitive information are safe, although the extent of the attack or the total number of affected customers has not been disclosed.
The company is also conducting its own investigation, which has found that “no data has been misused so far,” and recommends that users be vigilant and monitor unsolicited emails or online interactions requesting their data.
“We recommend that you do not click on links or download attachments from unknown sources,” the message says.
The names of the attackers have not been officially disclosed, but BleepingComputer claims that the attack was most likely the work of ShinyHunters, who hacked into Salesforce’s Pandora database. Since January 2025, hackers have been using various social engineering and phishing tactics to find their way into Salesforce’s corporate databases, and one of them seems to have worked. In this case, they will either demand a ransom or try to sell the data on the darknet.
On the other hand, Salesforce said that its platform was not compromised:
“Salesforce was not compromised, and the issues described are not related to any known vulnerability in our platform. While Salesforce builds enterprise-grade security into everything we do, customers also play a critical role in keeping their data secure, especially as sophisticated phishing and social engineering attacks continue to grow.”
Source: BleepingComputer, TechRadar
Spelling error report
The following text will be sent to our editors: