ManoMano Data Breach Affects 38 Million Customers via Third-Party Service Provider

First reported

26.02.2026 19:35

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

ManoMano, a European DIY e-commerce platform, disclosed a data breach impacting 38 million customers. The breach occurred in January 2026 due to unauthorized access to a third-party customer service provider. Exposed data includes full names, email addresses, phone numbers, and customer service communications. No account passwords were compromised. The company has taken steps to secure its environment and notified relevant authorities and affected customers. The breach was claimed by an individual using the alias 'Indra' on a hacker forum, alleging the theft of 37.8 million user accounts and thousands of support tickets. The compromised service provider is reportedly a Tunis-based customer support firm that suffered a Zendesk breach.

Timeline

26.02.2026 19:35 1 articles · 2h ago

ManoMano Data Breach Affects 38 Million Customers via Third-Party Service Provider
ManoMano disclosed a data breach impacting 38 million customers due to unauthorized access to a third-party customer service provider in January 2026. Exposed data includes full names, email addresses, phone numbers, and customer service communications. The breach was claimed by an individual using the alias 'Indra' on a hacker forum. The compromised service provider is reportedly a Tunis-based customer support firm that suffered a Zendesk breach. ManoMano has taken steps to secure its environment and notified relevant authorities and affected customers.
Show sources

European DYI chain ManoMano data breach impacts 38 million customers — www.bleepingcomputer.com — 26.02.2026 19:35
Open in new tab

Information Snippets

ManoMano identified unauthorized access to a third-party customer service provider in January 2026.
First reported: 26.02.2026 19:35

1 source, 1 article
Show sources
- European DYI chain ManoMano data breach impacts 38 million customers — www.bleepingcomputer.com — 26.02.2026 19:35
The breach impacted 38 million customers, exposing full names, email addresses, phone numbers, and customer service communications.
First reported: 26.02.2026 19:35

1 source, 1 article
Show sources
- European DYI chain ManoMano data breach impacts 38 million customers — www.bleepingcomputer.com — 26.02.2026 19:35
No account passwords were accessed, and no data modifications occurred on ManoMano's systems.
First reported: 26.02.2026 19:35

1 source, 1 article
Show sources
- European DYI chain ManoMano data breach impacts 38 million customers — www.bleepingcomputer.com — 26.02.2026 19:35
ManoMano has taken steps to secure its environment, including disabling relevant access, revoking the subcontractor's access to customer data, and strengthening access controls and monitoring.
First reported: 26.02.2026 19:35

1 source, 1 article
Show sources
- European DYI chain ManoMano data breach impacts 38 million customers — www.bleepingcomputer.com — 26.02.2026 19:35
The company notified the CNIL and ANSSI and informed impacted customers with guidance to remain vigilant against phishing and social engineering attempts.
First reported: 26.02.2026 19:35

1 source, 1 article
Show sources
- European DYI chain ManoMano data breach impacts 38 million customers — www.bleepingcomputer.com — 26.02.2026 19:35
An individual using the alias 'Indra' claimed responsibility for the breach on a hacker forum, alleging the theft of 37.8 million user accounts and thousands of support tickets.
First reported: 26.02.2026 19:35

1 source, 1 article
Show sources
- European DYI chain ManoMano data breach impacts 38 million customers — www.bleepingcomputer.com — 26.02.2026 19:35
The compromised service provider is reportedly a Tunis-based customer support firm that suffered a Zendesk breach.
First reported: 26.02.2026 19:35

1 source, 1 article
Show sources
- European DYI chain ManoMano data breach impacts 38 million customers — www.bleepingcomputer.com — 26.02.2026 19:35