Real-time delivery data may be compromised at one of Poland’s largest logistics companies.
Last week, I ordered a product from abroad.
Everything seemed normal:- email confirmation from DPD- SMS with delivery estimate
Then things took a turn.
A few hours before the package arrived, I received a second text - this time from a spoofed sender posing as DPD.
- the message looked official
- it was in Polish
- it even referenced the exact delivery date
But it included a phishing link.
This wasn’t random spam.
This was precision-targeted phishing using real-time logistics data.
Which raises some serious questions:- do threat actors now have live access to DPD’s delivery infrastructure?- if so, are we looking at a system-level breach?- and what are the GDPR implications if customer data is no longer secure?The average customer wouldn’t spot the fake. And that’s what makes this so dangerous.
Right now, we don’t know the scale of the breach. But if you or your customers use DPD, stay alert.
This isn’t just a delivery issue. It’s a data protection problem. And potentially, a legal one too.
