Security News > 2021 > January > Bonobos clothing store confirms breach after hacker leaks 70GB database

Bonobos men's clothing store has suffered a massive data breach exposing millions of customers' personal information after a cloud backup of their database was downloaded by a threat actor.
Bonobos started as an online men's clothing store but later expanded to sixty locations to try on clothes before purchasing them.
Last weekend, a threat actor known as ShinyHunters, who is notorious for hacking online services and selling stolen databases, posted the full Bonobos database to a free hacker forum.
After BleepingComputer contacted Bonobos about the leaked database, the clothing store told us that the threat actors did not gain access to internal systems but rather to a backup file hosted in an external cloud environment.
Update 1/24/21: Bonobos has begun to email data breach notifications to affected customers, as shown below.
Update 1/24/21: Bonobos has begun to email data breach notifications to affected users.
News URL
Related news
- Hackers lurked in Treasury OCC’s systems since June 2023 breach (source)
- CISA warns of increased breach risks following Oracle Cloud leak (source)
- Lazarus hackers breach six companies in watering hole attacks (source)
- Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach (source)
- Luna Moth extortion hackers pose as IT help desks to breach US firms (source)
- Twilio denies breach following leak of alleged Steam 2FA codes (source)
- Russian hackers breach orgs to track aid routes to Ukraine (source)
- Chinese hackers breach US local governments using Cityworks zero-day (source)
- Ivanti EPMM flaw exploited by Chinese hackers to breach govt agencies (source)
- Russian Hackers Breach 20+ NGOs Using Evilginx Phishing via Fake Microsoft Entra Pages (source)