Share this article on:
A threat actor has listed the data of over 8,000 employees of multinational Dutch brewing company Heineken.
According to threat actor “888” on BreachForums, the data breach occurred earlier this month, and it was listed on the hacking forum on 2 June.
The threat actor, 888, claims to have exfiltrated the data of 8,174 employees across a number of countries, with data including identification, full names, email addresses, company roles and more.
As is common practice, 888 posted a sample of the data, which shows the details of 10 users from countries including Brazil, Nigeria, Indonesia, and the UK.
One of the samples listed seems to be the details of someone who works in the alcohol supply chain for a foreign brewery, which could indicate that users from third-party organisations that have worked with Heineken may be affected. However, this has not been verified by Cyber Daily.
The data is listed for access on BreachForums behind a paywall, indicating that this is not a ransom incident, which would be uncommon for the platform.
Heineken has yet to publish a statement on the alleged incident. Cyber Daily has reached out to Heineken for a statement and additional information on the breach.
Last year, Heineken was involved in a major third-party supply chain attack that affected over 1.5 million people. Threat actors breached the systems of a Netherlands software provider that Heineken had used for market research and surveys for its events. Data included age, gender, education, email addresses and more.
This is also not the first rodeo for 888, who is known for high-profile data leaks. Most recently, 888 listed major oil and gas multinational Shell on BreachForums, uploading 80,000 rows of data belonging to customers in nine countries, including Australia.
The threat actor, 888, posted a sample of the allegedly stolen data, with the details of 10 individuals, all of whom are Australians shopping at Shell Coles Express locations.