"The attack occurred in January and was disclosed this week, when ManoMano started notifying the potentially affected customers of the incident. According to the company's notification, copies of which were shared on X, the data was stolen after a customer service subcontractor was compromised. The hackers stole customers' names, email addresses, and phone numbers, along with customer service exchanges."
"A threat actor using the name of 'Indra' claimed the attack on the underground hacking portal BreachForums, saying they stole roughly 43GB of data from the company. The data, the threat actor claims, includes information associated with 37.8 million ManoMano user accounts, over 900,000 service tickets, and over 13,000 attachments."
"The stolen data allegedly pertains to ManoMano users across all five European countries where it operates, namely France, Germany, Italy, Spain, and the United Kingdom. The hacker allegedly accessed the company's data after compromising a customer support service provider in Tunisia."
ManoMano, a major European DIY and home improvement ecommerce platform, suffered a significant data breach in January affecting roughly 38 million customers across France, Germany, Italy, Spain, and the United Kingdom. Hackers compromised a customer service subcontractor, gaining unauthorized access to the company's Zendesk support portal. The stolen data includes customer names, email addresses, phone numbers, and customer service interactions. A threat actor claiming the handle 'Indra' disclosed the breach on BreachForums, stating they obtained approximately 43GB of data including over 900,000 service tickets and 13,000 attachments. The attacker allegedly accessed the system through a compromised support service provider in Tunisia.
#data-breach #manomano #customer-data-compromise #third-party-vulnerability #european-ecommerce-security
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]