Online retailer PcComponentes says data breach claims are fake

Recorded: Jan. 21, 2026, 11:03 p.m.

Original

News

Featured
Latest

Credential-stealing Chrome extensions target enterprise HR platforms

Microsoft releases OOB Windows updates to fix shutdown, Cloud PC bugs

Jordanian pleads guilty to selling access to 50 corporate networks

Ingram Micro says ransomware attack affected 42,000 people

Chainlit AI framework bugs let hackers breach cloud environments

Cisco fixes Unified Communications RCE zero day exploited in attacks

New Android malware uses AI to click on hidden browser ads

Online retailer PcComponentes says data breach claims are fake

Tutorials

Latest
Popular

How to access the Dark Web using the Tor Browser

How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11

How to use the Windows Registry Editor

How to backup and restore the Windows Registry

How to start Windows in Safe Mode

How to remove a Trojan, Virus, Worm, or other Malware

How to show hidden files in Windows 7

How to see hidden files in Windows

Webinars
Downloads

Latest
Most Downloaded

Qualys BrowserCheck

STOPDecrypter

AuroraDecrypter

FilesLockerDecrypter

AdwCleaner

ComboFix

RKill

Junkware Removal Tool

Deals

Categories

eLearning

IT Certification Courses

Gear + Gadgets

Security

VPNs

Popular

Best VPNs

How to change IP address

Access the dark web safely

Best VPN for YouTube

Forums
More

Virus Removal Guides
Startup Database
Uninstall Database
Glossary
Send us a Tip!
Welcome Guide

HomeNewsSecurityOnline retailer PcComponentes says data breach claims are fake

Online retailer PcComponentes says data breach claims are fake

By Bill Toulas

January 21, 2026
03:55 PM
0

PcComponentes, a major technology retailer in Spain, has denied claims of a data breach on its systems impacting 16 million customers, but confirmed it suffered a credential stuffing attack.
The Spanish e-commerce company specializes in the sale of computers, laptops, peripherals, and hardware, and has an estimated 75 million unique marketplace visitors per year.
Yesterday, a threat actor named ‘daghetiaw’ published what they claimed to be a customer database stolen from PcComponentes, containing 16.3 million records. The threat actor leaked 500,000 records and offered to sell the rest to the highest bidder.

The leaked data contains order details, physical addresses, full names, phone numbers, IP addresses, product wish-lists, and customer support messages exchanged with the firm via Zendesk.

PcComponents data leak on hacker forumsSource: BleepingComputer
In an announcement today, PcComponents says that it investigated a possible breach of its systems, but its security experts found no evidence of unauthorized access.
"There has been no illegitimate access to our databases or internal systems," the company assures, adding that "the figure of 16 million supposedly affected customers is false, as the number of active PcComponentes accounts is significantly lower."
The company also underlined that no financial details or customer passwords are stored on its systems.
However, PcComponentes admitted that its investigation discovered evidence of a credential stuffing attack on its platform. This means that a threat actor tried email addresses and passwords from other security breaches or leaked databases to find PcComponentes accounts.
Credential stuffing attacks are typically automated and rely on large volumes of reused login credentials from other services.
An investigation from threat intelligence company Hudson Rock discovered that the attackers likely collected the login data from computers infected with info-stealing malware.
"Every single email we checked from the threat actor’s sample was found in existing infostealer logs," Hudson Rock says in a post today, adding that some of the logins were as old as 2020.
A screenshot that Hudson Rock published shows a set of six email addresses that were verified and all of them were marked as previously compromised in infostealer infections.
According to PcComponentes’ announcement, the following data was exposed for a small number of compromised accounts:
First and last names
National ID number
Physical addresses
IP addresses
Email addresses
Phone numbers
In response to the incident, PcComponentes has implemented a set of defenses that include CAPTCHA on the login pages, mandatory activation of two-factor authentication (2FA) for all accounts, and invalidation of all active sessions.
As a result, customers will be automatically logged out, and accounts without two-factor authentication (2FA) will be required to enable it before regaining access.
PcComponentes also recommends that customers use strong, unique passwords for each account, store their passwords in a password manager, and stay vigilant for potential phishing messages.
BleepingComputer has contacted PcComponentes to ask how many customers have been impacted precisely, but a statement wasn’t immediately available.

The 2026 CISO Budget Benchmark
It's budget season! Over 300 CISOs and security leaders have shared how they're planning, spending, and prioritizing for the year ahead. This report compiles their insights, allowing readers to benchmark strategies, identify emerging trends, and compare their priorities as they head into 2026.
Learn how top leaders are turning investment into measurable impact.
Download Now

Related Articles:
Spanish energy giant Endesa discloses data breach affecting customersCoupang data breach traced to ex-employee who retained system accessFreedom Mobile discloses data breach exposing customer dataCIRO confirms data breach exposed info on 750,000 Canadian investorsSouth Korean giant Kyowon confirms data theft in ransomware attack

Credential Stuffing
Customer Data
Data Breach
Data Theft
PcComponentes
Spain

Bill Toulas
Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks.

Previous Article
Next Article

Popular Stories

Microsoft releases OOB Windows updates to fix shutdown, Cloud PC bugs

Ingram Micro says ransomware attack affected 42,000 people

New PDFSider Windows malware deployed on Fortune 100 firm's network

Sponsor Posts

Discover how phishing kits are sold and deployed. Download the full research report.

Identity Governance & Threat Detection in one: Get a guided tour of our platform

Discover how to scale IT infrastructure reliably without adding toil or burnout.

Upcoming Webinar

Main Sections

News
Webinars
VPN Buyer Guides
SysAdmin Software Guides
Downloads
Virus Removal Guides
Tutorials
Startup Database
Uninstall Database
Glossary

Community

Forums
Forum Rules
Chat

Useful Resources

Welcome Guide
Sitemap

Company

About BleepingComputer
Contact Us
Send us a Tip!
Advertising
Write for BleepingComputer
Social & Feeds
Changelog

Username

Password

Remember Me

Not a member yet? Register Now

Reporter

Help us understand the problem. What is going on with this comment?

Spam

Abusive or Harmful

Inappropriate content

Strong language

Other

Read our posting guidelinese to learn what content is prohibited.

Submitting...
SUBMIT

PcComponentes, a significant Spanish online retailer specializing in computer hardware and peripherals, responded to claims of a data breach affecting 16 million customers with a denial, attributing the incident to a credential stuffing attack rather than a widespread data compromise. The company's investigation, led by its security team, found no evidence of unauthorized access to its databases or internal systems. However, the investigation did reveal a sophisticated attack utilizing stolen credentials obtained from previously breached systems, primarily through information-stealing malware. Specifically, the threat actor, identified as ‘daghetiaw’, targeted the platform with a large volume of compromised email addresses and passwords, common tactics known as credential stuffing.

The leaked data, as initially reported by the threat actor, encompassed a substantial amount of customer information, including first and last names, national identification numbers, physical addresses, IP addresses, email addresses, and phone numbers. Crucially, the company confirmed that no financial data or customer passwords were stored on their systems, mitigating a potentially more severe outcome. The incident highlighted a vulnerability related to the reuse of credentials across multiple online services, a persistent issue contributing to numerous data breaches. The attack involved the collection of login data, some as old as 2020, from computers infected with malware. Subsequent to the discovery, PcComponentes implemented immediate defensive measures, including CAPTCHA verification on login pages, mandatory two-factor authentication (2FA) for all accounts, and the immediate invalidation of all active user sessions. This proactive approach was designed to prevent further exploitation of compromised accounts and restrict access for the threat actor. The company strongly recommended that affected customers utilize strong, unique passwords, ideally stored within a password manager, and remain vigilant against phishing attempts.

Hudson Rock, a threat intelligence company, played a key role in uncovering the attack by identifying the compromised credentials. Their investigation revealed that the credentials had been sourced from previously breached systems, a consistent pattern in credential stuffing attacks. The company's analysis demonstrated that the attacker had successfully leveraged stolen logins, some dated back to 2020, to gain access to a subset of PcComponentes accounts. This underscored the ongoing risk posed by outdated credentials and the importance of regular password rotation practices.

The incident serves as a cautionary tale regarding the prevalence of credential stuffing attacks and the vulnerabilities inherent in reuse of credentials across multiple online platforms. PcComponentes' response, while reactive, demonstrates an understanding of the threat and a commitment to bolstering its security posture. The immediate implementation of 2FA, alongside heightened awareness among customers, represents a reasonable step to mitigate further damage. Moving forward, it becomes imperative for PcComponentes, and indeed all online retailers, to focus on continuous monitoring for suspicious activity, proactive vulnerability management, and robust security awareness training for both its employees and its customer base. The incident emphasizes the need for a layered security approach, combining technological defenses with user education, to combat the evolving landscape of cyber threats.