Lidl has warned customers about a security incident that exposed personal information stored by an external service provider, prompting concerns after initial reports suggested banking details may have been at risk. The retailer said the breach affected data linked to its online store but stressed that payment information, bank account details, passwords, and delivery addresses were not compromised because they are stored separately from the affected systems.
According to Lidl, unauthorized parties gained access to customer information associated with its webshop. The exposed data includes names, email addresses, telephone numbers, dates of birth, and customer identification numbers. The company has not disclosed how many customers were affected or how the attackers gained access to the data.
The retailer said there is currently no evidence that the stolen information has been misused. Even so, customers have been advised to remain alert for phishing emails, fraudulent phone calls, or text messages that may attempt to exploit the exposed personal information by impersonating Lidl or other trusted organizations.
Lidl notified affected customers by email after discovering the incident and reported the breach to the Dutch Data Protection Authority, as required under applicable data protection rules. The company has not said whether law enforcement agencies are investigating the incident or whether the attackers demanded a ransom.
Although financial information was not exposed, cybersecurity experts note that names, email addresses, phone numbers, and dates of birth can still be valuable to cybercriminals. Such information is commonly used to craft convincing phishing campaigns or support identity fraud when combined with data obtained from other breaches. This risk exists even when banking credentials remain protected.
Lidl has not identified the external service provider involved or disclosed what additional security measures have been implemented following the breach. The company also has not confirmed whether the compromised data has appeared on cybercrime forums or been offered for sale online. At this stage, there is no public evidence indicating that the stolen customer information has been distributed by the attackers.