The website of retail chain Shwapno has been hacked with attackers releasing customers’ personal information online and demanding a large ransom from the company.
The leaked data circulating across Facebook and various websites since Saturday reportedly includes names, phone numbers and purchase histories of customers who shopped at Shwapno in 2025.
Shwapno Managing Director Sabbir Hasan said hackers had gained control of the company’s customer database last year and had been demanding $1.5 million since around August 2025 to restore access. The company did not comply with the demand.
Urging caution, Shwapno advised customers to remain alert against potential phishing attempts and fraud.
“We request customers not to share personal or financial information over calls or messages from unknown or suspicious numbers, and to avoid clicking on unverified links,” the company said, adding that it never asks for passwords or OTPs over phone calls.
The company, a subsidiary of ACI PLC, said it is preparing to file a case and is working with local law enforcement, including the Counter Terrorism and Transnational Crime (CTTC) unit, as well as international forensic experts to address the breach.