Gloria Jeans has disclosed a data breach affecting its online platform, according to information shared by the company’s press office and later reported by TASS. The breach appears to involve user data that could have been exposed during a period of technical activity on the company’s site. The confirmation comes as Gloria Jeans says it has notified the relevant regulator about the incident and is cooperating with the ongoing investigation.
In the official briefing, the company estimated that more than three million users may have had personal information accessed by unauthorized parties. The assertion points to the timing of the leak happening during routine technical work on the website, a scenario that raises questions about security safeguards during maintenance windows and the visibility of user credentials during such operations. Gloria Jeans states that additional protective measures have been put in place to minimize further risk and to safeguard information already at risk.
Roskomnadzor, the Russian supervisory authority for communications and information technology, has been informed about the breach. The regulator has emphasized that operators responsible for personal data must report incidents within a 24 hour window by law, and Gloria Jeans reportedly complied with this requirement by informing Roskomnadzor promptly. The regulator has also indicated it will review the case to determine whether data protection rules were violated and to assess the adequacy of the company’s response plan.
Observers note that any leak of this scale can have broad implications for customers who shopped on the Gloria Jeans site and for the company’s reputation. Personal data potentially exposed in such incidents can include names, contact details, purchase histories, and other information linked to user accounts. The breach underscores the importance of robust security practices around maintenance periods, including strict access controls, comprehensive change management processes, and rapid detection mechanisms to distinguish legitimate maintenance actions from unauthorized data access.
For users who registered on the Gloria Jeans platform, there is a heightened need to monitor for unusual activity and to implement strong authentication where available. Security experts commonly advise changing passwords on affected accounts, enabling multi factor authentication if offered by the service, and reviewing account settings for any unfamiliar connections or permissions. While Gloria Jeans has stated it is working to contain the incident, customers should remain vigilant for suspicious emails, messages, or attempts to impersonate the company as attackers attempt to capitalize on the breach.
The incident also raises broader questions about how fashion retailers manage customer data during software updates and platform maintenance. Industry observers emphasize the value of end to end encryption for sensitive fields, segregated data environments for testing, and clear, auditable logs that help distinguish legitimate maintenance access from potential data exfiltration. In addition, rapid and transparent communication with customers is praised as a key element of crisis management, helping to preserve trust even when a breach occurs.
Gloria Jeans has reiterated that it will continue cooperating with Roskomnadzor and other relevant authorities throughout the investigation. The company also indicated it would publicly share further details as they become available and as the regulator’s review progresses. For users, the unfolding scenario serves as a reminder of the importance of staying informed about security practices of online retailers and the steps being taken to protect personal information in the digital shopping landscape.