

Zara Data Breach: 197,000 Customers Exposed in Third-Party Security Incident

Pierluigi Paganini
May 08, 2026

Nearly 200,000 Zara customers were exposed in a third-party breach linked to ShinyHunters, revealing emails, purchase history, and support data.

Personal data belonging to nearly 197,000 Zara customers has been compromised following a cyberattack on a former technology provider used by Inditex, the Spanish fashion giant behind some of the world’s most recognized retail brands including Bershka, Pull&Bear, and Massimo Dutti.

The breach came to light last month when Inditex confirmed unauthorized access to databases hosted by a third-party vendor. The company was careful to limit the alarm: the compromised databases did not contain names, passwords, payment details, addresses, or phone numbers.

“Inditex has immediately applied its security protocols and has started notifying the relevant authorities of this unauthorized access, that stems from a security incident that affected a former technology provider and has impacted several companies operating internationally,” reads a statement by Inditex.

“Operations and systems haven’t been affected and customers can continue to access and use its services safely,”

What was exposed, however, tells a different story about the scale of the incident.

The data breach notification service Have I Been Pwned analyzed the stolen dataset and confirmed that 197,400 unique email addresses were among the compromised records, alongside order IDs, product SKUs, geographic locations, purchase history, and customer support tickets, enough to paint a detailed picture of individual shopping habits and interactions with the brand.

“In April 2026, the fashion brand Zara was among a number of organisations targeted by the ShinyHunters extortion group as part of their “pay or leak” campaign. The group claimed the breach was related to a compromise of the Anodot analytics platform and subsequently published a terabyte of data allegedly including 95M support ticket records.” reads the alert by HIBP. “The data contained 197k unique email addresses alongside product SKUs, order IDs and the market the support ticket originated in. Zara’s parent company Inditex advised that the incident didn’t affect passwords or payment information.”

The extortion group ShinyHunters claimed responsibility for the attack and for stealing a 140GB archive from BigQuery instances by exploiting compromised Anodot authentication tokens, the same technique the group has used against dozens of other companies.

“Your Bigquery instances data was compromised thanks to Anodot.com.” the cybercrime group wrote on its Tor data leak site. “The company failed to reach an agreement with us despite our incredible patience, all the chances”


ShinyHunters has previously claimed breaches at Google, Cisco, Vimeo, Rockstar Games, Instructure, and the European Commission.

The Anodot vector is significant. ShinyHunters has told journalists that stolen Anodot tokens gave them access to analytics infrastructure across multiple large organizations simultaneously, a single point of failure that cascaded into dozens of separate breaches. The gang has also run coordinated vishing campaigns targeting employees’ SSO accounts at Microsoft Entra, Okta, and Google to move laterally into connected SaaS environments.
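For defenders, the pattern described above (a vendor's credentials reused from outside the vendor's own infrastructure to pull data in bulk) can be checked for in BigQuery audit logs. The following is an added example, not code from the article or from any company named in it: the service account name, the vendor egress range and the volume baseline are hypothetical, the field paths follow the Cloud Audit Logs layout for BigQuery, and the sample entries are constructed and trimmed.

```python
import ipaddress
from collections import defaultdict

# Hypothetical values for one third-party analytics integration (assumptions).
VENDOR_PRINCIPAL = "analytics-vendor@example-project.iam.gserviceaccount.com"
VENDOR_EGRESS = [ipaddress.ip_network("198.51.100.0/24")]  # vendor's documented egress
DAILY_BYTES_BASELINE = 5 * 10**9  # usual daily bytes scanned by this integration

def _bytes_processed(entry):
    """Read totalProcessedBytes from a BigQuery jobChange audit entry, if present."""
    stats = (entry["protoPayload"].get("metadata", {}).get("jobChange", {})
             .get("job", {}).get("jobStats", {}).get("queryStats", {}))
    return int(stats.get("totalProcessedBytes", 0))  # int64 arrives as a string

def review_vendor_access(entries):
    """Flag vendor-identity activity from unknown IPs and daily volume spikes."""
    findings, per_day = [], defaultdict(int)
    for e in entries:
        p = e["protoPayload"]
        if (p.get("serviceName") != "bigquery.googleapis.com" or
                p.get("authenticationInfo", {}).get("principalEmail") != VENDOR_PRINCIPAL):
            continue
        ip = p.get("requestMetadata", {}).get("callerIp", "")
        try:
            known = any(ipaddress.ip_address(ip) in net for net in VENDOR_EGRESS)
        except ValueError:  # missing or non-IP caller value is treated as unknown
            known = False
        if not known:
            findings.append(("unexpected_caller_ip", e["timestamp"], ip))
        per_day[e["timestamp"][:10]] += _bytes_processed(e)
    for day, total in sorted(per_day.items()):
        if total > DAILY_BYTES_BASELINE:
            findings.append(("volume_above_baseline", day, total))
    return findings

# Constructed sample entries: one routine vendor job, two from an unlisted address.
def _entry(ts, ip, nbytes):
    return {"timestamp": ts, "protoPayload": {
        "serviceName": "bigquery.googleapis.com",
        "authenticationInfo": {"principalEmail": VENDOR_PRINCIPAL},
        "requestMetadata": {"callerIp": ip},
        "metadata": {"jobChange": {"job": {"jobStats": {"queryStats": {
            "totalProcessedBytes": str(nbytes)}}}}}}}

SAMPLE = [
    _entry("2026-04-01T02:00:00Z", "198.51.100.7", 2 * 10**9),
    _entry("2026-04-03T03:12:00Z", "203.0.113.50", 30 * 10**9),
    _entry("2026-04-03T03:40:00Z", "203.0.113.50", 40 * 10**9),
]
```

Either finding on a vendor identity is a reason to revoke and reissue that integration's tokens and to review what the account was allowed to read.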

Inditex has not yet named the compromised provider or attributed the attack to a specific threat actor, despite ShinyHunters having publicly claimed it and released data as proof.

Zara is the flagship fashion brand of Inditex, one of the world’s largest apparel groups. Inditex reported revenue of about €38.6 billion in fiscal 2025 and employs roughly 160,000 people worldwide. Zara operates in more than 90 countries through thousands of stores and online platforms, making it one of the most globally recognized fast-fashion retailers.

Rival retailer Mango disclosed its own data breach last October, after a marketing vendor was hacked and customer data used in promotional campaigns was exposed. In that case, no extortion group has come forward, and the attackers remain unidentified.


(SecurityAffairs – hacking, data breach)









Most of the time your NAS is sitting on the shelf, quietly storing whatever files you send to it. However, most NASes can do more than just back up your data, especially if they have free USB ports. These are some helpful ways you can get some extra use out of your NAS.

Use an external drive for real backups

Not all backups should live inside your NAS

It is tempting to look at your expensive NAS and think that it is all the backup solution you need. Unfortunately, it isn’t.

Proper mirroring, like you can get through RAID, can protect against a single disk failure, but it does nothing to protect you against accidental deletions, ransomware, file corruption or a catastrophic event, like a tumble off a shelf.

When all of your backups rely on a single system in one location, you’re setting yourself up for failure.

That is where your NAS’s USB port comes in. If you plug an external drive into your NAS to create another backup, you get a true, isolated backup. Most NAS operating systems make this easy: just schedule jobs to copy important files over whenever the drive is connected.




















And you don’t have to stop there. You can rotate multiple drives, one drive for daily or weekly backups and another stored somewhere safe. That gives you extra protection against malware, power surges, and bad luck. It’s not fancy, but it’s one of the most important things you can do with your NAS.


Connect your NAS to an uninterruptible power supply

A UPS can save you from data corruption

The APC BackUPS NS1350 UPS with an old battery sitting next to it. Credit: Patrick Campanale / How-To Geek

NAS devices are built for 24/7 operation, so they’ll eventually experience a power outage or a power surge. That can be a problem for your data.

If your NAS loses power suddenly, you’re at risk of file system corruption, incomplete writes, and in a worst-case scenario, total data loss.

An uninterruptible power supply keeps your NAS powered on for a short while during an outage, and if you connect them via USB, they can even exchange data. That link lets the NAS detect that power has gone out, monitor power levels, and shut itself down cleanly before the battery dies.

Without that USB connection, the NAS will just crash when the UPS finally dies.

If you’re using your NAS as a major part of your backup strategy, a small UPS that can connect over USB is definitely worthwhile.

Get a new network adapter

2.5Gb Ethernet or Wi-Fi on demand

The Plugable USB-C/A to 2.5G Ethernet adapter sitting on a bamboo table. Credit: Patrick Campanale / How-To Geek

Older or lesser NAS devices often have 1 gigabit Ethernet ports, while your drives and network could do better. Your NAS’s USB port might enable you to upgrade without replacing the whole unit.

Many NAS devices will allow you to connect a USB-to-2.5 gigabit Ethernet adapter to use instead of the built-in port. If you have SSDs, you’ll definitely be able to make use of the faster speeds offered by 2.5 gigabit Ethernet, since 1 gigabit tops out at about 125 megabytes per second. Even SATA SSDs can reach speeds of about 500 megabytes per second, and NVMe SSDs can get well into the gigabyte per second range.

If you’re exclusively using mechanical hard drives, the benefit isn’t quite as clear-cut. Whether you’d benefit depends on how fast your drives are and how you have them configured.

There’s also a niche but useful option: USB Wi-Fi adapters. They’re not meant to replace Ethernet permanently, but they can be handy for temporary setups, troubleshooting network issues, or emergency access when wired connectivity fails.

You’ll need to confirm that your NAS supports USB Ethernet dongles—most do, but there are some that don’t.

Turn it into a print server

Give your old printer a new lease on life

The Ethernet port on a Brother HL-L3295CDW color laser printer. Credit: Patrick Campanale / How-To Geek

USB-only printers are largely a thing of the past, since they were tied to one computer. Most modern printers connect to the Wi-Fi network instead, so they can be placed anywhere.

If your old USB printer is still going strong, you can use your NAS as a print server.

The setup is usually quite easy, but it’ll depend on your NAS.

Many have a setting that allows you to enable print sharing. In that case, all you need to do is plug the printer into the NAS, enable print sharing, and every device on your network can use it. Alternatively, you may need to install a specific app that allows you to use your NAS as a print server.

This is especially useful if you have a reliable older printer with no built-in networking, you don’t want to replace the hardware, and you only need occasional printing without extra hassle. It may not be the most exciting use of a NAS USB port, but it’s one of the most practical.


Your NAS may be even more customizable

Depending on your specific NAS, you may be able to do even more than this. Some of them allow you to run lightweight services for your home network, like a mini home lab, and some allow you to use a completely different operating system. If that is the case, there are a ton of ways to put your NAS to use.

TerraMaster F4 SSD NAS (rated 8/10)

CPU: Intel N95
Memory: 8GB DDR5
Drive Bays: 4x M.2 NVMe
Ports: 5Gb/s Ethernet, USB-A, USB-C, HDMI 2.b

The TerraMaster F4 SSD is an all-SSD NAS that supports up to four 8TB NVMe drives. Shipping with 8GB of DDR5 RAM and the Intel N95 processor, this NAS actually can be user-upgraded with up to 32GB of DDR5 RAM. The onboard 5Gb/s Ethernet port supports 2.5Gb/s and 1Gb/s networking too, plus there are USB 3 10Gb/s Type-A and Type-C ports on the back for plugging in other peripherals, like hard drives or SSDs.



