A data leak forum member has claimed to have access to the customer data of Kewal Kiran Clothing Ltd (KKCL), a major branded apparel manufacturer in India. 

The person under the alias IntelBroker claims to have access to a large database of Kewal Kiran Clothing customers.  

“In January 2023, a database of 1.3 million customers belonging to Kewal Kiran Clothing, one of India’s largest branded apparel manufacturers, was stolen by hackers,” said the post on the Breach Forums. 

KKCL, the manufacturer of apparel under popular Fashion Brands such as Killer Integriti, is yet to respond to the request from The Cyber Express for comments. 

The post on Breach Forums, made on Wednesday, had some sample data. An initial analysis by The Cyber Express found that many of the user info listed were genuine.  

The IntelBroker’s present avatar has been active on the forum since October 2022. Its previous targets include Autotrader, Volvo, Hilton Hotels, AT&T, and Verizon. 

Kewal Kiran Clothing and the scale of data breach 

The breach happened days after the announcement of KKCL teaming up with the Board of Control for Cricket in India (BCCI) to become the official sponsor of the Indian cricket team.

The company has a network of over 350 stores. Under the agreement with the BCCI, the Indian cricket team members will sport the “Killer” brand logo on their jerseys. 

KKCL manufactures a range of products including jeans, semi-formal wear, and casual wear for both men and women. Their in-house design team creates products under popular Indian fashion brands such as Killer, Lawman, Pg3, Easies, K-Lounge, and Integriti. 

The company was listed in April 2006 and has a current market capitlaisation of ₹26.62 billion ($320 million).  

Kewal Kiran Clothing, fashion brands, and data breaches 

Fashion brands and apparel manufacturers have been increasingly facing data breaches and ransomware attacks recently.  

Indian fashion business brand Aditya Birla Fashion and Retail disclosed a data breach in January 2022, in which over 5.4 million email addresses of its customers were exposed. 

Italian luxury fashion house Zegna confirmed a ransomware attack in August 2021, which caused a significant interruption to its IT systems. 

Shein, the world’s largest fashion retailer as of 2022, faced a data breach in 2018. In October 2022, Zoetop, the company behind the fashion brands Shein and Romwe, was fined $1.9 million by the state of New York for inadequate handling of a security incident. 

American fashion brand and retailer Guess disclosed a ransomware attack in July 2021. The attack happened in February, resulted in data theft.