ROMWE Discloses Data Security Incident Affecting Shoppers
Fast-fashion retailer ROMWE notified customers of a data security incident involving shopper information, according to a company disclosure carried by Yahoo Finance. The notice indicates the company informed affected users directly and publicly acknowledged that customer data was exposed in the breach, prompting a formal incident response and outreach effort.
The available reporting provides limited technical detail, but the incident appears to involve unauthorized access to consumer data held by the retailer. For CISOs, the event underscores persistent third-party e-commerce and customer-data exposure risks, particularly where online retail platforms store personal information that can be leveraged for fraud, account abuse, or follow-on phishing against affected shoppers.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Weee! Confirms Customer Data Breach Affecting 1.1 Million Users
Online grocery delivery service **Weee!** confirmed a data breach affecting about **1.1 million customers**, after reports surfaced that a large dataset tied to the company had been leaked online. Exposed information reportedly included names, email addresses, phone numbers, home addresses, and account-related details such as delivery preferences, device information, dates, and customer notes left for couriers; some of those notes allegedly contained sensitive building entry instructions. Reporting linked the leaked dataset to a threat actor associated with other high-profile data exposures, including a prior US Cellular-related leak. The compromised records raise risks of phishing, scams, identity fraud, and physical security concerns because the data could help attackers profile victims or misuse address and access details. Weee! acknowledged the incident as scrutiny grew over how consumer delivery platforms store large volumes of personal information and expand exposure through third-party services.
May 25, 2026
Express website flaw exposed customer data in search engine results
Express remediated a website vulnerability that exposed sensitive customer information by allowing it to appear in search engine results. Reporting indicated that at least a dozen customers were affected after publicly accessible pages were indexed, making personal and transactional data discoverable online. The exposed information included names, email addresses, postal, billing, and delivery addresses, order details, phone numbers, and partial payment card information. While the reported scope appeared limited to a small number of customers, the incident involved multiple categories of personally identifiable and purchase-related data at the major U.S. clothing retailer.
May 24, 2026
Mango Customer Data Breach via Compromised Marketing Vendor
Spanish fashion retailer Mango experienced a data breach after one of its external marketing service providers was compromised, resulting in the exposure of customer information. The breach was discovered over the weekend and prompted Mango to immediately activate its security protocols to contain the incident. The compromised data included customers’ first names, countries, postal codes, email addresses, and phone numbers, but did not include last names, passwords, or financial information such as credit card or banking details. Mango emphasized that its own corporate infrastructure and IT systems were not affected by the breach, ensuring that business operations continued without disruption. The company notified affected customers via email, providing details about the nature of the breach and the specific data involved. Mango also reported the incident to the Spanish Data Protection Agency (AEPD) and other relevant authorities in compliance with regulatory requirements. The company established a dedicated email address and telephone hotline to support customers with concerns about the breach. Mango advised customers to remain vigilant for suspicious communications or requests for unusual actions, as the exposed data could be used in phishing attacks. The incident highlights the growing risk of supply chain attacks, where third-party vendors become the entry point for cybercriminals targeting large organizations. Mango’s swift response and transparency in communication were noted, as the company reassured customers that no sensitive financial or authentication data was compromised. The breach is part of a broader trend of cyberattacks targeting retailers and their supply chains, with other major brands in Spain and globally having faced similar incidents in recent months. Mango’s case underscores the importance of robust vendor risk management and the need for continuous monitoring of third-party partners. The company reiterated its commitment to data protection and announced plans to review and strengthen its security measures to prevent future incidents. Customers were encouraged to contact Mango if they noticed any suspicious activity related to their personal information. The breach serves as a reminder for organizations to ensure that their external partners adhere to stringent cybersecurity standards.
Mar 21, 2026