A data leak forum member has claimed to have access to the customer data of Kewal Kiran Clothing Ltd (KKCL), a major branded apparel manufacturer in India.
The person under the alias IntelBroker claims to have access to a large database of Kewal Kiran Clothing customers.
“In January 2023, a database of 1.3 million customers belonging to Kewal Kiran Clothing, one of India’s largest branded apparel manufacturers, was stolen by hackers,” said the post on the Breach Forums.
The post on Breach Forums, made on Wednesday, had some sample data. An initial analysis by The Cyber Express found that many of the internal employee email addresses were listed, which indicates that the leaked data may be genuine.
Kewal Kiran Clothing and the scale of data breach
The breach happened days after the announcement of KKCL teaming up with the Board of Control for Cricket in India (BCCI) to become the official sponsor of the Indian cricket team.
The company has a network of over 350 stores. Under the agreement with the BCCI, the Indian cricket team members will sport the “Killer” brand logo on their jerseys.
KKCL manufactures a range of products including jeans, semi-formal wear, and casual wear for both men and women. Their in-house design team creates products under popular Indian fashion brands such as Killer, Lawman, Pg3, Easies, K-Lounge, and Integriti.
The company was listed in April 2006 and has a current market capitlaisation of ₹26.62 billion ($320 million).
Kewal Kiran Clothing, fashion brands, and data breaches
Fashion brands and apparel manufacturers have been increasingly facing data breaches and ransomware attacks recently.
Indian fashion business brand Aditya Birla Fashion and Retail disclosed a data breach in January 2022, in which over 5.4 million email addresses of its customers were exposed.
Italian luxury fashion house Zegna confirmed a ransomware news attack in August 2021, which caused a significant interruption to its IT systems.
Shein, the world’s largest fashion retailer as of 2022, faced a data breach in 2018. In October 2022, Zoetop, the company behind the fashion brands Shein and Romwe, was fined $1.9 million by the state of New York for inadequate handling of a security incident.