A hacker group known as 888 has claimed responsibility for a data breach targeting Shell, the British multinational oil and gas company. The breach, allegedly impacting around 80,000 individuals across multiple countries, has raised significant concerns about data security within the organisation.
The compromised data includes sensitive information such as shopper codes, names, email addresses, mobile numbers, postcodes, site addresses, and transaction details. This information reportedly pertains to Australian users, specifically linked to transactions at Reddy Express (formerly Coles Express) locations in Australia. The hacker, using the pseudonym Kingpin, shared samples of the data on a popular hacking forum, indicating that the breach occurred in May 2024.
The breach affects individuals in several countries, including the United States, United Kingdom, Australia, France, India, Singapore, the Philippines, the Netherlands, Malaysia, and Canada. The extensive range of affected regions stresses upon the potential severity and widespread implications of the breach for Shell’s customers and stakeholders.
At present, there has been no official statement from Shell confirming the breach. The Cyber Express reached out to Shell for verification, but no response has been received. This lack of confirmation leaves the authenticity of the claims uncertain, though the potential risks to those involved are considerable.
This is not the first time Shell has faced cyberattacks. In the past, the company experienced a ransomware attack and a security incident involving Accellion’s File Transfer Appliance. These past events highlight the persistent threat cybercriminals pose to the energy sector.
In response to previous incidents, Shell emphasised its commitment to cybersecurity and data privacy. The company has initiated investigations into the recent claims and is working to address any potential risks. Shell has also engaged with relevant regulators and authorities to ensure compliance with data protection regulations and to mitigate the impact of any breaches.
The situation is still unfolding, and The Cyber Express continues to monitor the developments closely.
The alleged Shell data breach by hacker group 888 serves as a reminder of the vulnerabilities that even large multinational corporations face in the digital age. As investigations continue, the importance of robust cybersecurity measures and vigilant monitoring cannot be overstated.
