French DIY marketplace ManoMano warns customers after subcontractor cyberattack exposed personal data, with criminals claiming access to 37M+ accounts.
French online marketplace ManoMano has confirmed that customer data was stolen following a cyberattack on one of its customer support subcontractors in January 2026.
The company notified affected users that personal information including names, email addresses, phone numbers, and customer service communications was accessed during the incident. ManoMano emphasized that passwords were not compromised and that customer account data itself remained intact.
While ManoMano has not publicly identified the affected subcontractor, unconfirmed reports suggest the attack vector was Zendesk, the widely used customer support platform that has been targeted in previous breaches.
Adding to concerns, a threat actor on BreachForums claiming responsibility for the breach has boasted about accessing 37.8 million user accounts totaling approximately 43 GB of data. The alleged dataset reportedly includes 935,000 after-sales service tickets and over 13,500 attachments, spanning multiple European markets including France, Spain, Italy, Germany, and the UK.
In response to the breach, ManoMano stated it immediately blocked the compromised account upon discovery and revoked all subcontractor access to customer data. The company reported the incident to France's data protection authority CNIL and the national cybersecurity agency ANSSI.
ManoMano warned customers that the stolen information could be used for phishing or impersonation attempts and advised heightened vigilance against potential fraud. As a dedicated third-party marketplace connecting DIY and home improvement buyers with verified merchants across Europe, the scale of the alleged compromise raises questions about the subcontractor's level of access to customer data.
The breach highlights ongoing risks associated with third-party service providers and the potential for supply chain attacks to expose sensitive customer information even when primary systems remain secure.
What this means for customers:
- Personal information including names, emails, and phone numbers may have been accessed
- Customer service communications could be exposed
- No passwords were compromised according to ManoMano
- Users should watch for phishing attempts using their stolen information
- The company has revoked subcontractor access to prevent further exposure
For businesses: This incident underscores the importance of vetting third-party vendors, limiting data access to only what's necessary, and having incident response plans that account for supply chain vulnerabilities.
Comments
Please log in or register to join the discussion