French online marketplace ManoMano has begun notifying customers of a data breach after a cyberattack targeting one of its subcontractors resulted in the unauthorized extraction of account data.
The incident, which reportedly affects up to 38 million users, stems from a compromise of the company’s customer support environment.
ManoMano, founded in 2013 and headquartered in Paris, is a major European online marketplace specializing in DIY, home improvement, and gardening products. Often described as a French “unicorn,” the company operates across several European markets and serves tens of millions of customers, making it one of the region’s largest e-commerce platforms in its segment.
The notification, shared yesterday by a Telegram user on the Hackmanac channel, informs customers that ManoMano was alerted to the incident after one of its customer service providers suffered a cyberattack in January 2026. According to the company’s message, the attackers carried out an “illegal data extraction” through the account of one of the subcontractor’s agents, resulting in the download of personal data linked to customer accounts.
The exposed data includes customers’:
- First and last names
- Email addresses
- Phone numbers
- Communications exchanged with ManoMano’s customer service department
The company states that passwords were not affected and that no data was altered. ManoMano says it blocked the compromised account on the same day the incident was discovered and subsequently revoked the subcontractor’s access to customer data. The company also reports implementing reinforced access controls internally and across other service providers.
Hackmanac
French authorities, including the CNIL (Commission nationale de l’informatique et des libertés), ANSSI (Agence nationale de la sécurité des systèmes d’information), and the Urgence Cyber Île-de-France platform, were also notified.
The disclosure follows earlier reports claiming that a threat actor operating under the alias “Indra” had offered for sale data allegedly stolen from ManoMano’s Zendesk customer support platform. Reportedly, the hacker claimed to have accessed 37.8 million user accounts, including approximately 935,000 after-sales service tickets and more than 13,500 file attachments across France, Spain, Italy, the United Kingdom, and Germany. The dataset was said to total around 43 GB.
In its notice to customers, ManoMano warns that the stolen information could be used in phishing attempts, SMS scams, phone-based fraud, or identity theft. The company advises users to carefully verify the origin of emails and calls, avoid clicking on suspicious links, refrain from sharing sensitive information such as banking details or login credentials, and monitor financial accounts for unauthorized transactions. Customers who detect fraudulent activity are urged to contact their banks immediately.
If you liked this article, be sure to follow us on X/Twitter and also LinkedIn for more exclusive content.
