PcComponentes customer database leak claim and sample publication
Data Leak
Summary
Hide ▲
Show ▼
A threat actor named daghetiaw published a claimed PcComponentes customer database and offered it for sale, putting 16.3 million records at risk. The actor said 500,000 records were leaked, and the data included order details, full names, phone numbers, physical addresses, IP addresses, product wish-lists, and Zendesk support messages. PcComponentes denied evidence of unauthorized access but confirmed a credential stuffing attack, making the publication significant because it mixes an unverified breach claim with a real account-abuse event.
Related Happenings
ManoMano customer data leak from subcontractor
Data Leak
First: 26.02.2026 19:35
Last: 26.02.2026 19:35
Sources 1
About this happening:
The **ManoMano** data leak exposed personal data linked to **38 million individuals** after unauthorized access to a **third-party customer service provider**. The exposed records...
ManoMano customer data leak from subcontractor
Data LeakAbout this happening: The **ManoMano** data leak exposed personal data linked to **38 million individuals** after unauthorized access to a **third-party customer service provider**. The exposed records...
PcComponentes hit by cyberattack
Incident
First: 21.01.2026 22:55
Last: 21.01.2026 22:55
Sources 1
How related:
However, PcComponentes admitted that its investigation discovered evidence of a credential stuffing attack on its platform.
About this happening:
**PcComponentes** confirmed a **credential stuffing attack** on its platform, and the event mattered because a **small number of accounts** were compromised and account protection...
PcComponentes hit by cyberattack
IncidentHow related: However, PcComponentes admitted that its investigation discovered evidence of a credential stuffing attack on its platform.
About this happening: **PcComponentes** confirmed a **credential stuffing attack** on its platform, and the event mattered because a **small number of accounts** were compromised and account protection...
YouTubeTA StealC malware campaign against cracked-Adobe seekers in 2025
Campaign
First: 16.01.2026 23:00
Last: 16.01.2026 23:00
Sources 1
About this happening:
The **YouTubeTA** operation ran **malware campaigns throughout 2025**, turning **cracked Adobe Photoshop and Adobe After Effects** searches into a large-scale **credential theft**...
YouTubeTA StealC malware campaign against cracked-Adobe seekers in 2025
CampaignAbout this happening: The **YouTubeTA** operation ran **malware campaigns throughout 2025**, turning **cracked Adobe Photoshop and Adobe After Effects** searches into a large-scale **credential theft**...
Grubhub Salesforce and Zendesk data extortion leak
Data Leak
First: 15.01.2026 23:38
Last: 15.01.2026 23:38
Sources 1
About this happening:
**Grubhub** is facing a **data leak extortion** attempt after stolen **Salesforce** and **Zendesk** data were tied to a **February 2025 breach** and a more recent compromise. The...
Grubhub Salesforce and Zendesk data extortion leak
Data LeakAbout this happening: **Grubhub** is facing a **data leak extortion** attempt after stolen **Salesforce** and **Zendesk** data were tied to a **February 2025 breach** and a more recent compromise. The...
Pax8 customer data exposed after Pax8 breach
Data Leak
First: 14.01.2026 14:01
Last: 14.01.2026 14:01
Sources 1
About this happening:
**Pax8** confirmed that it accidentally sent a spreadsheet with **internal pricing** and **Microsoft program data** to **fewer than 40 UK-based recipients**, exposing partner busi...
Pax8 customer data exposed after Pax8 breach
Data LeakAbout this happening: **Pax8** confirmed that it accidentally sent a spreadsheet with **internal pricing** and **Microsoft program data** to **fewer than 40 UK-based recipients**, exposing partner busi...
Timeline
-
21.01.2026 22:55 1 articles · 4mo ago
daghetiaw publishes claimed PcComponentes database
Initial DisclosureA threat actor named daghetiaw published a claimed customer database for PcComponentes, said it contained 16.3 million records, leaked 500,000 records, and offered the rest for sale. The sample included order details, physical addresses, full names, phone numbers, IP addresses, product wish-lists, and customer support messages exchanged via Zendesk.
Show sources
- Online retailer PcComponentes says data breach claims are fake — www.bleepingcomputer.com — 21.01.2026 22:55
-
21.01.2026 22:55 1 articles · 4mo ago
Hudson Rock ties reused logins to infostealer logs
Technical Analysis UpdateHudson Rock said every email it checked from the threat actor sample matched existing infostealer logs, and noted that some of the logins were as old as 2020. The analysis also showed verified email addresses marked as previously compromised in infostealer infections.
Show sources
- Online retailer PcComponentes says data breach claims are fake — www.bleepingcomputer.com — 21.01.2026 22:55
-
21.01.2026 22:55 2 articles · 4mo ago
PcComponentes enables login defenses and forces 2FA
Mitigation Patch UpdatePcComponentes said it found no evidence of unauthorized access, but confirmed evidence of a credential stuffing attack on its platform and said a small number of compromised accounts exposed first and last names, national ID number, physical addresses, IP addresses, email addresses, and phone numbers. The company implemented CAPTCHA on login pages, mandatory activation of two-factor authentication (2FA) for all accounts, and invalidation of all active sessions.
Show sources
- Online retailer PcComponentes says data breach claims are fake — www.bleepingcomputer.com — 21.01.2026 22:55
- Online retailer PcComponentes says data breach claims are fake — www.bleepingcomputer.com — 21.01.2026 22:55