LuLu

What Happened

In July 2024, the Emirati-based LuLu retail store suffered a data breach. The impacted data included 190k email addresses and associated phone numbers which were subsequently shared on a popular hacking forum. The data was provided to HIBP by a source who requested it be attributed to "IntelBroker". The following month, the threat of leaking the full database was carried out and a backup from October 2022 with a further 2.6M unique email addresses appeared. This data also included names, physical addresses, orders and PBKDF2 password hashes.

Compromised Data

Email addresses
Names
Passwords
Phone numbers
Physical addresses
Purchases

Recommended Actions

Change Your Password

If you haven't changed your password on this service since the breach, do so immediately.

Enable Two-Factor Authentication

If 2FA is supported, add an extra layer of security to your account.

Sponsored
1Password

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Try 1Password

Breach Overview

  • Affected Accounts:

    2.8 million

  • Breach Occurred:

    July 2024

  • Added to HIBP:

    2 Aug 2024

Recommended Actions

Change Your Password

If you haven't changed your LuLu password since 2024, do so immediately.

Enable Two-Factor Authentication

Add an extra layer of security to your account.

1Password

Use 1Password to generate and store strong, unique passwords for all your accounts.

Try 1Password