July 13, 2026, 2:36 pm | Read time: 2 minutes
Most people still associate grocery discounters with visiting their physical stores. This can easily overshadow how much also happens digitally, whether through customer programs in apps or online shops. This also means that a lot of personal user data is in circulation. But now, an IT service provider for Lidl has been hacked–with consequences for customers.
Lidl Service Provider Hacked–These Data Are Affected
This is now reported by sources such as “heise online.” According to them, an IT service provider working for Lidl was hacked. The company has already confirmed the incident and has transparently informed its customers via email.
Primarily, it affects people registered with Lidl’s online shop. According to the letter, the perpetrators had brief access to a file containing personal data, from which they could extract parts. This includes basic data such as the salutation, first and last name, phone number, email address, date of birth, and customer number of the respective person.
Beware of Phishing
At least: The message to customers states that, at the “current time,” it can be ruled out that passwords, billing and delivery addresses, bank data, or other payment information have leaked. However, this contradicts a report from “Ad Hoc News,” which states that Lidl cannot rule this out. TECHBOOK has made an inquiry for clarification and received the following response:
“The online shop system itself was not affected. Passwords, billing and delivery addresses, bank data, or other payment information of our customers are explicitly not affected. Customer accounts were not compromised.”
Also of interest: Lidl ends old bonus program
Lidl has informed the data protection authority, and the IT service provider is said to have filed a criminal complaint and secured its systems. The hack reportedly also affected Belgium and the Netherlands. So far, there are no specific indications of misuse of the stolen data. However, customers are now urged to be more vigilant about phishing campaigns and potential identity misuse.