ManoMano Data Breach Exposes 38 Million European Customers
▼ Summary
– DIY retailer ManoMano suffered a data breach in January 2026 after hackers compromised a third-party customer service provider.
– The breach affected approximately 38 million individuals, exposing personal data like names, email addresses, phone numbers, and customer service communications.
– A hacker using the alias “Indra” claimed responsibility for the attack, alleging to have stolen data on 37.8 million user accounts and support tickets.
– ManoMano confirmed that no account passwords were accessed and that it has taken steps to secure its systems and notify relevant authorities and customers.
– The company is advising affected customers to be vigilant against phishing, monitor their bank accounts, and verify the authenticity of communications.
A major European online retailer has begun alerting millions of customers following a significant data breach. The incident, which impacted the popular DIY and home improvement marketplace ManoMano, originated not from the company’s own systems but from a compromised third-party service provider. The company confirmed the unauthorized access was identified in January 2026, with an investigation determining that personal data belonging to approximately 38 million individuals was extracted.
ManoMano, a French e-commerce platform serving customers across France, Belgium, Spain, Italy, Germany, and the United Kingdom, stated the breach was linked to a subcontractor handling customer service operations. This aligns with claims made earlier this month by a hacker using the alias “Indra,” who posted on a forum alleging possession of data from 37.8 million user accounts along with support tickets. Unverified reports suggest the involved third party was a Tunis-based support provider that experienced a breach through its Zendesk platform.
The types of information exposed are not uniform for all affected customers. According to the company, the compromised data varies based on an individual’s interactions with customer service. The stolen information includes full names, email addresses, phone numbers, and the content of customer service communications. ManoMano has stressed that account passwords were not accessed and that no data was altered within its own internal systems.
Upon discovering the incident, the company took swift action to contain the threat. “We took immediate steps to secure our environment, including disabling the relevant access, revoking the subcontractor’s access to customer data, and strengthening access controls and monitoring,” a spokesperson explained. The relevant data protection authorities, including France’s CNIL and ANSSI, were notified, and impacted customers are being contacted directly.
The customer notifications include critical guidance for enhancing personal security in the wake of the breach. Individuals are advised to scrutinize incoming communications, carefully verify sender identities, and actively monitor their bank accounts for any signs of fraudulent activity. Customers are also warned to avoid clicking on suspicious links or downloading unexpected email attachments, as stolen personal data is often used to craft convincing phishing and social engineering campaigns.
ManoMano has stated that its internal investigation remains active, limiting the amount of additional technical detail it can currently disclose. The company’s proactive notification effort underscores the severe risks posed by supply chain attacks, where a vulnerability in a vendor’s system can lead to a widespread compromise of a primary company’s customer data.
(Source: Bleeping Computer)
