-
Lidl France has reported a data breach that exposed a customer database that the company’s external IT provider manages.
-
The data breach exposed very sensitive customer info, names, emails, phone numbers, birth dates, and customer IDs. Luckily, passwords, payment details, and user accounts remain safe.
-
Lidl says it’s looking into what happened. The company has already started notifying customers and has informed the French privacy regulator as well.

Lidl’s French subsidiary, Lidl France, just got hit by a data breach, exposing sensitive customer information.
The hackers were able to get access to a customer relationship database, which was located on separate systems from the company’s main system. The company says no passwords or payment information were compromised.
Details of the Security Incident
According to Lidl France’s disclosure, the breach did not hit Lidl’s core website or customer account systems. Instead, criminals accessed an isolated file used for customer relationship management. An outside technology provider stored this file. The attackers viewed or copied some information during a temporary breach.
Lidl stressed its primary website infrastructure remained secure throughout. The affected systems stayed separate from Lidl.fr’s production environment, which limited the damage.
After discovering the intrusion, the IT provider secured the affected environment immediately. Digital forensics teams are already digging into the attack. Lidl also notified CNIL, France’s data protection authority, in compliance with GDPR regulations.
What Information was Exposed
The compromised file contained specific customer details. Here is what attackers accessed:
- First and last names
- Email addresses
- Phone numbers
- Dates of birth
- Lidl customer identification numbers
Meanwhile, Lidl never mentioned the exact number of customers the breach affected.
Lidl says several sensitive categories remained safe. Luckily, the breach didn’t touch passwords, payment cards, bank details, or billing/delivery addresses. Additionally, customer accounts and anything tied to Lidl.fr’s core systems are still secure.
So, the attackers probably couldn’t get their hands on any information that’d let them access accounts or directly process payments.
According to Lidl, there’s no indication of any fraudulent use of the exposed data. However, such categories of information are very valuable to criminals. They could use it for targeted phishing attacks, fake support calls, or identity theft.
Should a scammer posing as a Lidl customer service rep contact a customer using their legitimate phone number, the customer will likely fall for the trick.
Lidl’s Response and Ongoing Investigation
The retailer has contacted affected customers already. It has also taken several steps to contain the incident:
- Securing the affected systems
- Launching a forensic investigation
- Bringing in cybersecurity specialists
- Increasing monitoring for suspicious activity
- Notifying the CNIL
This action follows GDPR rules requiring that EU institutions inform regulators about any data breach that could put consumers at risk.
The regulatory response is part of a broader French effort; the government has allocated €200 million (over 225 million USD) to combat cybercrime.
What Customers Should Watch for
If you get an email or text saying it’s from Lidl, don’t just trust it. It’s how scammers deceive people. Don’t go clicking on random links or opening attachments unless you’re totally sure it’s legit.
Your personal details are valuable; think twice before you hand them over to someone claiming they’re from Lidl. Scammers often exploit data breaches to rip people off – they pretend to be Lidl customer support and ask customers to verify accounts or claim refunds.
Lidl has put out a warning on their website about phishing scams and dodgy sites impersonating the brand to rip people off.
Third-Party Supply Chain Attack is Becoming a Serious Problem
This breach sheds light on how supply chain attacks are becoming a sore thumb in cybersecurity. These days, many companies have dealt with attacks targeting their third-party supply chain partners.
Criminals are going through these channels to access data instead of directly hacking into company systems. Even if a company’s main systems are secure, all it takes is one weak spot in a partner’s system to put sensitive information at risk.
For Lidl France, attackers reached only an isolated customer data file, not production systems. That significantly limited the impact. But exposed information could still support phishing and social engineering attacks.
Lidl maintains there is no evidence that the stolen information has been misused. The forensic investigation continues. The company has not announced whether additional findings or a final affected customer count will be released.