The online jeweler has seen customers’ email addresses, names, phone numbers, and order history hit the streets.
It involves Glamira customers who purchased from the online store on or before Dec. 16, 2023. Shortly after the hack, just over a year ago, it was revealed that personal data had been leaked. It seemed that anyone who had ever purchased customizable jewelry—Glamira’s speciality—was at risk of having their data made public.
Glamira has been added to Have I Been Pwned, revealing that a million accounts have been obtained. New datasets are regularly added to the Have I Been Pwned database, allowing victims to check if their data has ever been leaked. In the case of the Glamira hack, the stolen data was used to send spam emails, among other things.
“In late 2023, the online jewellery store GLAMIRA suffered a data breach they attributed to “an unauthorised individual [who] briefly accessed one of our servers”. The data was subsequently published on a popular hacking forum and included 875k email addresses, names, phone numbers and purchases.,” Have I Been Pwned said when adding the hack to its database. 68 per cent of the data now added appeared to be previously in the Have I Been Pwned database.
It is not known exactly how hackers obtained Glamira’s customer data.