A data leak has impacted SABO, a global fashion and design company based in Australia, exposing over 3.5 million customer records. The breach, discovered by cybersecurity researcher Jeremiah Fowler, involved a misconfigured database containing 292 GB of sensitive customer information that was left unsecured and without password protection. The findings were published by vpnMentor and shared with HackRead.com.
The exposed data comprised nearly 3,587,960 records totalling 292 GB of sensitive customer information. It included personally identifiable information (PII) such as customer names, physical and email addresses, phone numbers, and detailed order information for both retail and commercial clients.
Documents like invoices, packing slips, and return documents, dating from 2015 to June 27, 2025, were also part of the exposed records, impacting both retail and commercial customers. Samples from the compromised database provided by Fowler show detailed invoices with specific order dates and product listings.
Risk to Customers
While the records pointed to SABO, it remains unclear if the database was directly managed by them or a third party, nor is it known how long it was exposed or if other parties accessed it. Still, the nature of this data exposure should be concerning for the unsuspected affected individuals.
With personal details and purchasing history exposed without encryption, customers are at risk of targeted cyberattacks. With some social engineering, cybercriminals could exploit this information to compose convincing phishing emails, designed to trick individuals into revealing further sensitive data or financial information.
These types of scams often leverage real order numbers and purchase details, making them incredibly difficult to distinguish from legitimate communications, Fowler explained in the blog post.
Other than phishing attacks, the exposed data could also be used for social engineering attacks, where criminals manipulate individuals into revealing confidential information. The threat of financial fraud also looms large, as bad actors could potentially use the stolen PII to attempt unauthorised transactions or account takeovers.
Protecting Yourself
Although the exposed database was secured shortly after Fowler’s responsible disclosure to SABO, the exposure goes on to show why data encryption is a must. Therefore, always verify the sender’s email address and ensure it matches the official company domain before clicking on any links or downloading attachments.
Be wary of unexpected communications, especially those asking for personal or financial details. It’s always best to use official communication channels, such as directly visiting the company’s website, to verify any suspicious requests.
