Japan’s largest taxi operator shuts systems after cyberattack

German discount supermarket chain Lidl notified customers in Germany, Belgium, and the Netherlands that attackers stole their personal information in a breach at a service provider.

Lidl, owned by Schwarz Group, the largest food retailer in Europe, has over 376,000 employees and operates 12,000 stores across Europe and the United States.

The discount giant notified affected customers of the incident over email last week and published separate notifications on its support websites in Belgium and the Netherlands.

As detailed in these alerts, the breach was discovered last week, with attackers stealing data from customers who used Lidl’s online shop.

“Despite high IT security standards, unknown individuals briefly gained access to a separately stored file containing customer data, and part of the data was stolen from it. The online shop’s system itself was not affected,” the company said.

“The stolen data contains customer information belonging to our online shop customers (salutation, first and last name, telephone number, email address, date of birth, customer number).”

Lidl said the threat actors didn’t gain access to the online shop’s systems and that it can rule out the possibility that the breach involves affected customers’ passwords, payment information, and addresses.

The supermarket giant also notified the Dutch Data Protection Authority of the data breach and advised affected customers to be wary of potential phishing attacks that might use the stolen information.

“We have currently no concrete evidence of data misuse. Nevertheless, as a precaution, we warned affected customers against possible phishing attempts or identity abuse,” a Lidl spokesperson told BleepingComputer.

“It’s important to note: The online shop’s system itself was not affected. Passwords, billing and shipping addresses, bank details, or other payment information belonging to our customers are explicitly not affected. Customer accounts were not compromised.”

The hacked IT service provider has also filed a police report and engaged IT forensic experts to investigate the full scope and impact of the incident.

Update July 13, 14:33 EDT: Added Lidl statement.

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Insurance giant Aflac discloses data breach after subsidiary hack

Pharma giant Novo Nordisk discloses breach of clinical trials data

AssuranceAmerica data breach exposes records of 6.9 million drivers

Accenture confirms breach after hacker offers stolen data for sale

Infinite Campus data breach affects 137,000 school staff accounts

Claude Fable 5 stays free for paid users until July 19 as Anthropic buys more time

Australia warns of global campaign targeting vulnerable CMS platforms

‘Ghostcommit’ hides prompt injection in images to fool AI agents, steal secrets

How Mature Is Your AI Security Program? Take the Free AI Maturity Assessment.

Your Scanners Are Green. Your Pipeline Might Not Be. Here’s How to Close the Gap.

AI is a data-breach time bomb: Read the new report?utm_source=bleepingcomputer&utm_medium=referral&utm_campaign=bleepingcomputer_referral&utm_content=article

#1 MSP Benchmark report 2026: Insights from 1,000+ MSPs on growth, security, artificial intelligence, and key 2026 trends.

Overdue a password health-check? Audit your Active Directory for free

Terms of Use – Privacy Policy – Ethics Statement – Affiliate Disclosure

Read our posting guidelinese to learn what content is prohibited.