Oil Giant Shell Data Breached, Data of Thousands Leaked on BreachForums

Written by Mitchell Langley

May 30, 2024

Oil Giant Shell Data Breached, Data of Thousands Leaked on BreachForums

Shell Has Reported a Data Breach That Has Affected Thousands of Customers Across Multiple Countries.

The Shell data breach has compromised the personal information of customers in Australia, the UK, France, India, Singapore, the Philippines, the Netherlands, Malaysia, and Canada.

Breach First Reported on Hacking Forum

The alleged data breach was first disclosed on the dark web forum “BreachForums” by a hacker using the name “888”.

According to the post, around 80,000 customer records were stolen from Shell databases.


Oil Giant Shell Data Breached, Data of Thousands Leaked on BreachForums

Types of Data Stolen in Shell Data Breach

The stolen records were claimed to contain various types of sensitive personal details including:

  • Customer codes
  • Names
  • Addresses
  • Email addresses
  • Phone numbers
  • Login credentials
  • Loyalty point balances
  • Proof of Breach Published

As proof, 888 also published sample records of 10 Australians who had shopped at Shell Coles Express fuel stations, matching the fields listed as stolen.

Shell Breach Caused by Third Party: Unclear Which Partner Impacted

While Shell partners with Coles Express for petrol stations in Australia, Coles Express was sold to Viva Energy by Coles in May 2023. It remains unclear whose specific databases may have been breached.

No one has yet independently verified the breach details. Shell also did not acknowledge or comment on the alleged incident when contacted by reporters.

Previous Cyber Attack Targeted Shell in 2022

This is not the first time shell has experienced a cybersecurity incident. Shell has had a fair share of cyber attacks, having been one of many global companies impacted by the massive MOVEit supply chain ransomware incident in mid-2022. The Clop ransomware gang had exploited MOVEit software used by Shell.

If confirmed, this latest Shell data breach raises concerns for the thousands of customers who entrusted their personal information through fuel purchases and reward programs. Compromised login credentials and details could also enable fraud and identity theft.

Customers are urged to watch for any suspicious account activity and monitor statements from Shell as the company potentially looks into this alleged cyber security incident.

Related Articles

How AI is Revolutionizing Phishing Attacks

How AI is Revolutionizing Phishing Attacks

 -  New: New Phishing attacks have long been a major concern for enterprise organizations wordwide. As technology continues to advance, cybercriminals are finding new and innovative ways to exploit vulnerabilities and deceive unsuspecting individuals. In recent years,...

Stay Up to Date With The Latest News & Updates

Join Our Newsletter


Subscribe To Our Newsletter

Sign up to our weekly newsletter summarizing everything thats happened in data security, storage, and backup and disaster recovery

You have Successfully Subscribed!