cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Over 8,000 Heineken employees affected in alleged cyber attack

A threat actor has listed the data of over 8,000 employees of multinational Dutch brewing company Heineken.

user icon Daniel Croft
Tue, 04 Jun 2024
Over 8,000 Heineken employees affected in alleged cyber attack
expand image

According to threat actor “888” on BreachForums, the data breach occurred earlier this month, and it was listed on the hacking forum on 2 June.

The threat actor, 888, claims to have exfiltrated the data of 8,174 employees across a number of countries, with data including identification, full names, email addresses, company roles and more.

As is common practice, 888 posted a sample of the data, which shows the details of 10 users from countries including Brazil, Nigeria, Indonesia, and the UK.


One of the samples listed seems to be the details of someone who works in the alcohol supply chain for a foreign brewery, which could indicate that users from third-party organisations that have worked with Heineken may be affected. However, this has not been verified by Cyber Daily.

The data is listed for access on BreachForums behind a paywall, indicating that this is not a ransom incident, which would be uncommon for the platform.

Heineken has yet to publish a statement on the alleged incident. Cyber Daily has reached out to Heineken for a statement and additional information on the breach.

Last year, Heineken was involved in a major third-party supply chain attack that affected over 1.5 million people. Threat actors breached the systems of a Netherlands software provider that Heineken had used for market research and surveys for its events. Data included age, gender, education, email addresses and more.

This is also not the first rodeo for 888, who is known for high-profile data leaks. Most recently, 888 listed major oil and gas multinational Shell on BreachForums, uploading 80,000 rows of data belonging to customers in nine countries, including Australia.

The threat actor, 888, posted a sample of the allegedly stolen data, with the details of 10 individuals, all of whom are Australians shopping at Shell Coles Express locations.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.