Cyber Incident Victim: Love Bonito

On December 10, 2019, Love Bonito discovered malicious code had been added to its e-commerce website, prompting an immediate investigation. The Singapore-based fashion retailer publicly disclosed the breach via customer emails on December 13, characterizing the incident as unauthorized access to personal and payment card information. Company representatives confirmed taking swift action to remove the malicious code and implement additional security measures across their systems. While the exact number of compromised accounts remained unspecified during initial reporting, Love Bonito stated only a "small number" of customers were impacted. The organization engaged external data security experts to conduct forensic analysis and coordinated with Singaporean authorities including the Personal Data Protection Commission and Police Force. No technical specifics regarding the code's functionality or intrusion methods were released during the active investigation.

The confirmed consequences involved potential exposure of customer credit card details and personally identifiable information. Love Bonito advised affected individuals to monitor financial accounts for unauthorized transactions, immediately report suspicious activity to their banks, and request card replacements if necessary. Customers were also instructed to enable two-factor authentication on payment cards as a protective measure. To address potential long-term risks, the company announced plans to provide complimentary credit monitoring services, though enrollment details remained pending at the time of disclosure. Internal response efforts focused on securing compromised systems while maintaining cooperation with law enforcement and regulatory bodies throughout the investigative process. No further updates regarding attacker attribution or detailed forensic findings were communicated in the immediate aftermath of the breach notification.