Cyber Incident Victim: Aditya Birla Group
Date: Dec 2021
Location: India
Summary
A major Indian conglomerate experienced a cyberattack by threat actors who gained prolonged access to sensitive data, including extensive employee records with personal and employment details, as well as customer information such as credit card numbers with CVV codes. The attackers attempted negotiations before leaking portions of the stolen data on public forums, though some uploads were subsequently removed. The compromised information spanned multiple business divisions, and there was no indication that affected customers received formal breach notifications despite the exposure of financial data.
Description
In early December 2021, the Aditya Birla Group (ABG), a Mumbai-based Fortune India 500 conglomerate, suffered a cyberattack targeting its subsidiary Aditya Birla Fashion and Retail Ltd. (ABFRL). The threat actor group ShinyHunters contacted DataBreaches.net during the active breach, claiming ABG had detected their intrusion early but failed to fully evict them. ShinyHunters demonstrated unauthorized access to extensive employee data, providing database headers that included PoornataID, BirthDate, Emailid, SalaryGrade, Religion, ManagerEmailId, and other sensitive HR fields. They also asserted possession of customer data and specifically referenced compromising credit card information with CVV codes and expiration dates from ABFRL’s Pantaloons.com division. Despite multiple attempts by DataBreaches.net to contact ABG via email, the company provided no public response or acknowledgment of the incident during the initial breach window.

By January 11, 2022, ShinyHunters escalated their actions after failed negotiations with ABG, leaking portions of the stolen data on a public forum. The leaked datasets reportedly included information from Pantaloons.com and Jaypore.com, though the hosting platform initially removed the published material. ShinyHunters persisted by reuploading the data elsewhere. The breach exposed employee details across multiple dimensions—personal identifiers, employment history, managerial hierarchies, and compensation grades—while customer impacts centered on financial data exposure. ABFRL’s Pantaloons division had not notified affected customers about the compromise as of the report date, leaving the scope of financial fraud or identity theft risks unaddressed publicly. The absence of confirmed containment measures or victim communications underscored unresolved vulnerabilities in ABG’s response cycle.
