LuLu
What Happened
In July 2024, the Emirati-based LuLu retail store suffered a data breach. The impacted data included 190k email addresses and associated phone numbers which were subsequently shared on a popular hacking forum. The data was provided to HIBP by a source who requested it be attributed to "IntelBroker". The following month, the threat of leaking the full database was carried out and a backup from October 2022 with a further 2.6M unique email addresses appeared. This data also included names, physical addresses, orders and PBKDF2 password hashes.
Compromised Data
Recommended Actions
Change Your Password
If you haven't changed your password on this service since the breach, do so immediately.
Enable Two-Factor Authentication
If 2FA is supported, add an extra layer of security to your account.
Check Other Accounts
If you used the same password elsewhere, change those too.
Monitor for Suspicious Activity
Watch for unusual login attempts, spam and phishing emails.
Breach Overview
-
Affected Accounts:
2.8 million
-
Breach Occurred:
July 2024
-
Added to HIBP:
2 Aug 2024
Recommended Actions
Change Your Password
If you haven't changed your LuLu password since 2024, do so immediately.
Enable Two-Factor Authentication
Add an extra layer of security to your account.
Check Other Accounts
If you used the same password elsewhere, change those too.
Monitor for Suspicious Activity
Watch for unusual login attempts or messages from your account.
