Aditya Birla Fashion and Retail Limited (ABFRL) previously known as Pantaloons Fashion is an Indian fashion company. Having over 3000 stores. ABFRL holds online and offline rights to the India network of California-based fast fashion brand Forever 21. Its International Brands portfolio includes The Collective and select mono-brands such as Simon Carter, Hackett London, Ted Baker, Ralph Lauren, American Eagle, and Fred Perry

In 2013, Aditya Birla Nuvo Limited (ABNL) (ABNL) took over Pantaloons

In 2019, ABFRL acquired an ethnic wear brand, Jaypore.

The well-known hacker group Shiny Hunters shared the data claiming that it includes and

The image below shows which parts of the company were stated to be affected. 

Shiny Hunters stated that they are in possession of customers’ credit card information since the sites are available for online shopping and the payment required CVV and expiration date of the card.

Pantaloons have more than 300 stores in 170 cities as well as online stores with worldwide delivery.


The leak contains 2 parts. 1st one is 21GB zipped data of invoices.

Containing more than 2 million invoices, not only from Pantaloons(around 900 000 invoices) and Jaypore but from Forever21. Invoices containing addresses, phone numbers and sensitive transaction information.

The second one stated to contain ABFRL DataBase + Source code

  • Containing the source code of all of the above companies:
  • ABFRL employee information (name, email, birth date,address, age, salary, religion, and more)
  • customer data (name, email,phone, password, address,login,order and payment history,old passwords)
  • server logs
  • vulnerability reports 

The possible users affected could be over 4million. The data could be used in various ways including:

  • spamming
  • fishing
  • identity theft
  • hacking other personal accounts
  • banking fraud

For assuring personal security, please change the passwords of any connected account, and strictly monitor bank transactions or any suspicious activity.

Leave a Reply

Your email address will not be published. Required fields are marked *

Post comment