Shoe Zone customer data could be for sale on the dark web  


Popular footwear retailer Shoe Zone has experienced a data breach, which could have put thousands of its customers at risk. The company reportedly lost control of its customer data after a cyber incident by IntelBroker.

IntelBroker, a known ‘threat actor’, has a history of selling compromised data on underground forums. Criminals commonly buy such data to commit fraud and identity theft, so affected Shoe Zone customers must take immediate steps to protect themselves. This means:  

Protecting your finances

Cancel any cards affected by this breach and contact your bank or credit card provider immediately if you spot any unfamiliar transactions or suspicious activity. It’s also worth keeping an eye on your credit score for any unexpected dips and contacting all the major credit reference agencies to ensure credit isn’t taken out in your name. 

Watching out for further attacks

Be on your guard in case criminals try to use the information stolen in the breach to extract additional information from you. Do not send any money to anyone without being absolutely sure where it is going and why. 

Putting some data protection best practices in place

If your data is at risk, there are some steps you can take to stop the threat from escalating. For example, you could register with the Cifas protective registration service. You should also change your passwords and make sure your devices are protected by up-to-date internet security software. 

What data was stolen in the Shoe Zone breach?

According to reports, the compromised data includes customers 

The stolen data includes sensitive personal and financial information, so the breach poses a significant risk to affected customers.   

What can you do if you are affected by the Shoe Zone data breach?

At this stage, we do not have confirmation on whether the breach affects both offline and online shoppers. However, the retailer posted a notice on its website stating that affected individuals will be notified. 

KP Law has launched a no-win, no-fee group action claim to help victims living in England & Wales claim compensation. If you receive notification that you are involved in this breach, sign up below and we will be in touch with more information.   

In March 2024, our firm changed its name to KP Law. 

Share this article: