Zara Data Breach Exposes 197,400 Customers via Retired Provider Tokens

Third-party data hosting has become the persistent breach vector for retail brands that long ago hardened their direct-customer infrastructure. The Zara data breach disclosed in April, and updated this month by BleepingComputer after Have I Been Pwned’s analysis of the leaked archive, exposed 197,400 customer records pulled from a former technology provider’s BigQuery instance using compromised authentication tokens. Read more.