The recent cyberattack on jewellery retailer Pandora has shown how weaknesses around third-party platforms can put customer data at risk. While Pandora’s core systems were unaffected, attackers gained access to personal information through a partner system, highlighting the importance of securing the entire supply chain, not just the systems an organisation operates itself.

Jewellery giant Pandora has confirmed that it has been the victim of a cyberattack in which customer data was breached. The attack was carried out via a third-party platform rather than through Pandora’s core systems. The data breached was primarily basic personal information such as names, email addresses and, in some cases, dates of birth. Importantly, passwords, payment details and other sensitive information were not impacted.

How the Data Breach Occurred

Threat actors appear to have gained access to Pandora’s Salesforce environment through social engineering and phishing campaigns aimed at employees or help-desk staff, rather than by exploiting a flaw in the platform itself. These campaigns were designed to steal credentials or to talk staff into approving malicious OAuth applications; once approved, such an application holds its own token for the environment and can read and export customer data without the attacker needing to log in again.
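One practical control against the technique described above is to watch the audit trail for OAuth application authorisations that fall outside an approved list, and to flag the campaign pattern of several staff approving the same unknown app within a short window. The script below is an added example written for this article; it is not code from Pandora, Salesforce or any of the cited sources. The newline-delimited JSON event format, the field names (`event_type`, `client_id`, `scopes`, `user`), the approved client IDs and the sample log are all constructed for illustration and would need mapping onto your own SaaS platform’s audit export.

```python
"""Flag suspicious OAuth connected-app authorisations in a SaaS audit feed.

Added example for this article, not vendor code. The event schema, allowlist
and sample log below are constructed; adapt the field names to your platform.
"""
import json
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# Constructed allowlist: client IDs of apps the organisation formally approved.
APPROVED_CLIENT_IDS = {"client-erp-sync-001", "client-marketing-002"}

# Scopes that let an app read or bulk-export records; high risk on an unknown app.
BROAD_SCOPES = {"full", "api", "refresh_token", "offline_access"}

# Constructed sample audit export (one JSON object per line, one deliberately broken).
SAMPLE_AUDIT_LOG = """
{"timestamp": "2025-08-01T09:02:11Z", "event_type": "oauth_app_authorized", "user": "alice", "app_name": "ERP Sync", "client_id": "client-erp-sync-001", "scopes": ["api", "refresh_token"]}
{"timestamp": "2025-08-01T10:15:40Z", "event_type": "oauth_app_authorized", "user": "bob", "app_name": "Data Loader Helper", "client_id": "client-unknown-9f3", "scopes": ["full", "refresh_token"]}
{"timestamp": "2025-08-01T10:41:03Z", "event_type": "oauth_app_authorized", "user": "carol", "app_name": "Data Loader Helper", "client_id": "client-unknown-9f3", "scopes": ["full", "refresh_token"]}
{"timestamp": "2025-08-01T11:00:00Z", "event_type": "login", "user": "dave"}
{"timestamp": "2025-08-01T11:05:00Z", "event_type": "oauth_app_authorized", "user": "dave"
{"timestamp": "2025-08-02T15:00:00Z", "event_type": "oauth_app_authorized", "user": "erin", "app_name": "Data Loader Helper", "client_id": "client-unknown-9f3", "scopes": ["full"]}
"""


@dataclass
class Finding:
    timestamp: str
    user: str
    app_name: str
    client_id: str
    reasons: list = field(default_factory=list)


def _ts(value: str) -> datetime:
    """Parse an ISO-8601 timestamp; accept a trailing Z as UTC."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def parse_events(raw: str) -> list:
    """Parse newline-delimited JSON, skipping blank or malformed lines."""
    events = []
    for line in raw.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            events.append(json.loads(line))
        except json.JSONDecodeError:
            continue  # a truncated export line should not abort the whole sweep
    return events


def assess_grant(event: dict, approved=APPROVED_CLIENT_IDS):
    """Return a Finding for an OAuth grant to an unapproved app, else None."""
    if event.get("event_type") != "oauth_app_authorized":
        return None
    client_id = event.get("client_id", "")
    if client_id in approved:
        return None  # approved app: nothing to flag
    reasons = ["app not on approved list"]
    broad = set(event.get("scopes", [])) & BROAD_SCOPES
    if broad:
        reasons.append("broad scopes: " + ", ".join(sorted(broad)))
    return Finding(event.get("timestamp", ""), event.get("user", ""),
                   event.get("app_name", ""), client_id, reasons)


def find_suspicious_grants(events: list, approved=APPROVED_CLIENT_IDS) -> list:
    """Run assess_grant over every event and keep the findings."""
    return [f for f in (assess_grant(e, approved) for e in events) if f]


def campaign_indicators(findings: list, window_minutes=60, min_users=2) -> dict:
    """Map client_id -> sorted users when >= min_users distinct staff approved
    the same unapproved app within window_minutes (a vishing-campaign pattern)."""
    by_app = {}
    for f in findings:
        by_app.setdefault(f.client_id, []).append(f)
    window = timedelta(minutes=window_minutes)
    indicators = {}
    for client_id, grants in by_app.items():
        grants.sort(key=lambda g: _ts(g.timestamp))
        for i, start in enumerate(grants):
            t0 = _ts(start.timestamp)
            users = {g.user for g in grants[i:] if _ts(g.timestamp) - t0 <= window}
            if len(users) >= min_users:
                indicators[client_id] = sorted(users)
                break
    return indicators


if __name__ == "__main__":
    findings = find_suspicious_grants(parse_events(SAMPLE_AUDIT_LOG))
    for f in findings:
        print(f"{f.timestamp} {f.user} approved '{f.app_name}' ({f.client_id}): {'; '.join(f.reasons)}")
    print("campaign indicators:", campaign_indicators(findings))
```

On the constructed log this reports the three grants of the unapproved “Data Loader Helper” app and groups the two approved within an hour of each other (bob and carol) as a campaign indicator; the grant by erin a day later is still flagged individually but falls outside the window. The allowlist is the control that matters: without a maintained list of approved connected apps, no amount of log review distinguishes a legitimate integration from one a help-desk caller talked a user into approving.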

The attack is widely believed to be part of a broader campaign orchestrated by a group called ShinyHunters, who have previously targeted multiple corporate victims via Salesforce-linked breaches, demanding ransom by threatening to leak stolen information.

Response and Mitigation

Pandora responded swiftly, terminating unauthorised access and reinforcing its cybersecurity stance. Customers received notifications advising vigilance, particularly with unsolicited emails that could be phishing attempts. Pandora also worked to isolate affected systems and enlisted cybersecurity experts to investigate the root cause and contain the impact.

It is currently unknown if the data breached has been leaked online, such as onto a data leak site. In the statement emailed to affected customers, Pandora said: “We have carried out extensive checks and to date we cannot see any evidence that this data has been shared or published.”

Broader Implications

This incident highlights a growing weakness in modern cyber defence – third-party or legacy systems holding outdated or unmanaged customer data. Data that is no longer actively used still presents a valuable target for attackers, who can reach it through the supply chain. The Pandora breach, reported to have affected around 30,000 individuals, many of them in Pandora’s UK operations, underscores this risk.

Retailers are notably vulnerable, with large customer databases, complex vendor ecosystems, and reliance on SaaS platforms like Salesforce amplifying the threat. Experts now emphasise the need for proactive endpoint protection, real-time threat detection, stringent vendor oversight, and rigorous data retention policies.

What Customers Should Do

It is important to remain vigilant and be wary of any unexpected emails or messages that claim to be from Pandora. Verify authenticity via official channels, avoid any suspicious links or attachments that could be phishing attempts, enable two-factor authentication (2FA) on any accounts associated with the exposed email address, and use unique passwords across different services to limit the potential for fraud.

Conclusion

Pandora’s data breach is a stark reminder that even seemingly innocuous data such as names and email addresses can be weaponised for phishing, fraud, or identity theft. As cyber criminals increasingly exploit weak links in supply chains, businesses must elevate security across every level, from internal systems to every third party they engage.

How AJC Can Help

At A Jolly Consulting, we work with organisations to strengthen their resilience against evolving cyber threats, including those targeting third-party platforms and SaaS environments. Our team can help you:

  • Assess and mitigate supply chain and vendor risks.
  • Implement security controls and monitoring for third-party applications.
  • Review and optimise data retention and protection policies.
  • Conduct social engineering and phishing simulations to identify vulnerabilities.
  • Develop and test incident response plans for rapid containment and recovery.

If your organisation needs expert support to reduce exposure to cyberattacks and safeguard sensitive data, please get in touch with our team.

Contact us on 020 7101 4861 or email us at info@ajollyconsulting.co.uk if you think we can help.


Sources:

https://www.techradar.com/pro/security/pandora-confirms-data-breach-customer-data-stolen-heres-what-we-know

https://www.forbes.com/sites/daveywinder/2025/08/05/pandora-confirms-cyberattackwhat-you-need-to-know/

https://www.bleepingcomputer.com/news/security/pandora-confirms-data-breach-amid-ongoing-salesforce-data-theft-attacks/

https://sentrybay.com/pandora-data-breach-exposes-sensitive-data-of-30000-customers/

https://cybersecuritynews.com/pandora-hacked/

https://hackread.com/pandora-cyber-attack-customer-data-third-party-vendor/

Image accreditation: WikiMedia Commons. Last accessed on 11th August 2025.
